Kerckhoffs’s Principle
Kerckhoffs’s principle is the concept that a cryptographic system should be designed to be secure even if all of its details, except for the key, are publicly known.
Kerckhoffs’s principle implies that keeping the secret key $k$ unknown to the adversary is critical to the security of a cryptographic primitive. It also makes the storage and transmission of keys extremely important.
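The adversary model in the principle, as an added Python example that is not part of the original note: a keyless "secret algorithm" tag scheme is compared with a public algorithm under a secret key $k$. The function names and the `obscure_tag` scheme are constructed for illustration, and HMAC-SHA256 is an assumed stand-in for the public primitive.

```python
import hashlib
import hmac
import secrets

# Design A (obscurity): a keyless tag whose only protection is that nobody
# knows the steps. Constructed for illustration, not a real scheme.
def obscure_tag(message: bytes) -> bytes:
    return hashlib.sha256(message[::-1] + b"v1").digest()

def verify_obscure(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(obscure_tag(message), tag)

# Design B (follows the principle): public algorithm, secret key k.
def keyed_tag(k: bytes, message: bytes) -> bytes:
    return hmac.new(k, message, hashlib.sha256).digest()

def verify_keyed(k: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(k, message), tag)

def demo() -> dict:
    k = secrets.token_bytes(32)           # the only secret in design B
    msg = b"transfer 10 to alice"         # constructed sample messages
    other = b"transfer 9999 to mallory"

    # The adversary knows every detail except k.
    # Design A: knowing the details is enough to tag any message.
    obscure_forged = verify_obscure(other, obscure_tag(other))

    # Design B: the same knowledge only allows guessing k (2^-256 per guess).
    guess = secrets.token_bytes(32)
    keyed_forged = verify_keyed(k, other, keyed_tag(guess, other))

    # If k leaks, recovery means replacing the key, not the algorithm:
    # tags made under the old key stop verifying under the new one.
    k_new = secrets.token_bytes(32)
    stale_accepted = verify_keyed(k_new, msg, keyed_tag(k, msg))

    return {
        "legit": verify_keyed(k, msg, keyed_tag(k, msg)),
        "obscure_forged": obscure_forged,
        "keyed_forged": keyed_forged,
        "stale_accepted": stale_accepted,
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```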
Eureka moment!
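The first time I learned Kerckhoffs’s principle, I was genuinely struck by it: a secure encryption scheme must be built on the premise that all of its details are exposed to the adversary. Although this seems counterintuitive at first, it makes sense on reflection: if the encryption scheme itself had to be kept secret, its practical value would be greatly reduced, to say nothing of standardizing encryption algorithms and making them general-purpose. It also shows that the encryption schemes in popular use today are all time-tested: imagine, since every detail of an algorithm is public knowledge, countless people will certainly try to break it; the fact that an encryption scheme continues to exist stably is in itself proof of its security.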