Quiz Entry - updated: 2026.05.31
What is Kerckhoffs' Principle, and why is it the default for modern cryptography?
A cryptosystem should remain secure even if everything about it except the key is publicly known.
The Dutch cryptographer Auguste Kerckhoffs published it in 1883. Translated to modern terms: the algorithm, protocol, implementation, parameters, and modes are all assumed public. Only the key is secret.
Why this is the default:
- Algorithms can't stay secret in practice — software gets reverse-engineered, hardware gets decapped, employees leak, vendors publish. "Security through obscurity" of the algorithm has failed every single time it's been tried at scale (A5/1 in GSM, content scramble in DVDs, Mifare Classic, …).
- Public algorithms get reviewed. AES, RSA, ECC, SHA-2 all went through years of public cryptanalysis before being trusted. A secret algorithm has been reviewed only by its (small) author team.
- Key rotation is cheap; algorithm rotation is expensive. If only the key is secret, a compromise just means rotating keys. If the algorithm was secret too, you have to rebuild the whole system.
Tip: Whenever you see "we use our own proprietary encryption", that's a red flag — it's the opposite of Kerckhoffs and the opposite of what every modern security standard recommends.