August 10, 2004

Kerckhoffs' 6 principles from 1883

Auguste Kerckhoffs, a Dutch cryptographer who taught in France in the latter part of the 19th century, wrote an influential article that expounded basic principles of a communications security system [1]. Kerckhoffs' 6 basic principles are:

  1. The system must be practically, if not mathematically, indecipherable;
  2. It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience;
  3. Its key must be communicable and retainable without the help of written notes, and changeable or modifiable at the will of the correspondents;
  4. It must be compatible with the means of communication;
  5. It must be portable, and its usage and function must not require the concourse of several people;
  6. Finally, it is necessary, given the circumstances that command its application, that the system be easy to use, requiring neither mental strain nor the knowledge of a long series of rules to observe.

This list was derived from the translation from the original French [2], also one on Wikipedia [3], and slightly updated for modern times (point 4).

Principle 2 is often referred to as Kerckhoffs' law, and also known as Shannon's maxim: "the enemy knows the system [4]." I guess cryptographers think that makes it more important, but I can't see it myself, there are plenty of systems around that fail on the other principles, and plenty of systems around that deliver security through obscurity.

Like any set of principles, knowing them is a given. It's knowing when to break them that distinguishes [5].

[1] Auguste Kerckhoffs, ?La cryptographie militaire? ("Military Cryptography"), Journal des sciences militaires, vol. IX, pp. 5?38, Jan. 1883, pp. 161-191, Feb. 1883.
[2] fabien a. p. petitcolas's site includes the original French article as well.
[5] See for example Leo Marks' use of written keys silk as described in "Between Silk and Cyanide". Steve Bellovin summarised this on 9th September 2004, which might be in the cryptography archives by tomorrow.

Posted by iang at August 10, 2004 05:21 AM | TrackBack

The system must be able to be used by any idiot because eventually one will.

Posted by: Jimbo at August 10, 2004 08:38 AM

Hi Ian,

Just for the record, the only verifiable/reliable on-line reference I found on biographical details on Kerckhoffs is

And his second /condition/ or desidiratum is:

"It is necessary that it [i.e. the secrecy of the system] doesn't require the secret [i.e. the key], and that it can fall in the hand of the enemy without any disadavantage."

Subtly different.

What most cryptographers seems to miss in Kerckhoffs' desidirata is that he requires it to be simple enough to be actually used (no 6). PKI & HCA's a point in place.



Posted by: Twan at August 11, 2004 06:07 AM

I think we are all in accordance with Kerckhoffs' 6th principle. An interesting question arises - if one had to sacrifice one of Kerchhoffs principles, how would one go about it?

It occurs to me that one should sacrifice in this order: 1,2,3,4,5,6.

I wonder if he had that in mind?

Posted by: Iang at August 11, 2004 06:18 AM

Twan I think you are wrong.
With today technology practically anyone can encrypt but the first one to sacrifice is the number 6, that means the system used to encrypt smth could set several instructions (for example a computer program, any kind of application that does the hard work for yourself...) and you are not aware of the interfase that is going on (unless you programmed it ;), you only manage the input and the output. (the 19th century criptography point of view was a less sofisticated and simple approach to the question)

Posted by: at July 5, 2009 07:51 PM
Post a comment

Remember personal info?

Hit preview to see your comment as it would be displayed.