Kerckhoffs's principle

Data protection is closely connected to the so-called Kerckhoffs's principle, attributed to the Prussian officer Kerckhoffs, 150 years ago.

The protection and security of encrypted data must not depend on the obscurity of the encryption process. In other words, it must be assumed that the adversary knows every detail of the encryption process used, except the key. The security must lie in the key, and in the key only.

This principle is generally taken to be the basis for successful data protection. That is why scientists have concentrated their efforts on constructing good, publicly known standards (algorithms) and on verifying that these standards are really secure.

Such standards include, for example, the symmetric cipher AES and the hash function SHA-2. Their security has been demonstrated by the fact that, despite many years of work by thousands of scientists, no one has found a method to "break" these standards in practice.
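The principle can be seen in a few lines of code. The following is an added example, not part of the original text: it compares a hypothetical keyless scheme whose only secret is its process (`obscure_tag`, an invented construction) with the public HMAC construction over SHA-2, where the only secret is the key. It uses message authentication tags rather than encryption because Python's standard library ships SHA-2 but not AES; all function names and the sample message are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def obscure_tag(message: bytes) -> bytes:
    """Hypothetical keyless scheme: the only 'secret' is the process itself
    (SHA-256, reverse the bytes, XOR each byte with 0x5A)."""
    digest = hashlib.sha256(message).digest()
    return bytes(b ^ 0x5A for b in reversed(digest))


def keyed_tag(key: bytes, message: bytes) -> bytes:
    """Public process (HMAC-SHA-256); the only secret is the key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_obscure(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(obscure_tag(message), tag)


def verify_keyed(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), tag)


def demo() -> dict:
    message = b"constructed sample message"
    key = secrets.token_bytes(32)  # the defender's secret key

    # The adversary knows every detail of both processes, but not `key`.
    forged_obscure = obscure_tag(message)  # knowing the process is enough
    forged_keyed = keyed_tag(secrets.token_bytes(32), message)  # must guess a key

    # A leaked key is repaired by rotating it; a leaked process needs a redesign.
    old_tag = keyed_tag(key, message)
    new_key = secrets.token_bytes(32)

    return {
        "obscure_forgery_accepted": verify_obscure(message, forged_obscure),
        "keyed_forgery_accepted": verify_keyed(key, message, forged_keyed),
        "old_tag_valid_after_rotation": verify_keyed(new_key, message, old_tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Once the process is known, the keyless scheme offers no protection at all, while the keyed scheme still rejects the forgery and recovers from a key leak simply by generating a new key.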

For more information about Kerckhoffs's principle, see the Wikipedia article Kerckhoffs's principle.
