Kerckhoffs' Principle - IBM z13s Technical Manual

that the intended party can de-scramble the data but an interloper cannot. This idea is also
referred to as confidentiality.
Authentication: This is the process of determining whether the partners in communication
are who they claim to be, which can be done by using certificates and signatures. It must
be possible to clearly identify the owner of the data or the sender and the receiver of the
message.
Integrity: The verification of data ensures that what has been received is identical to what
was sent. It must be verified that the data is complete and has not been modified.
Non-repudiation: It must be impossible for the owner of the data or the sender of the
message to deny authorship. Non-repudiation ensures that both sides of a communication
know that the other side has agreed to what was exchanged. This agreement implies a
legal liability and contractual obligation. This is the same as a signature on a contract.
In addition, these goals must be accomplished without unacceptable delay in the
communication itself. The goal is to keep the system secure, manageable, and productive.
The basic method for granting the protection of data is encrypting and decrypting it. For
authentication, integrity, and non-repudiation, hash algorithms, message authentication
codes (MACs), digital signatures, and certificates are used.
When encrypting a message, the sender transforms the clear text into a secret text. Doing
this requires two main elements:
The algorithm is the mathematical or logical formula that is applied to the key and the clear
text to deliver a ciphered result, or to take a ciphered text and deliver the original clear text.
The key ensures that the result of the encrypting data transformation by the algorithm is
only the same when the same key is used. The decryption of a ciphered message only
results in the original clear message when the correct key is used.
Therefore, the receiver of a ciphered message must know which algorithm and which key
must be used to decrypt the message.

6.2.2 Kerckhoffs' principle

In modern cryptography, the algorithm is published and known to everyone, while the keys are
kept secret. This system adheres to Kerckhoffs' principle, which is named after Auguste
Kerckhoffs, a Dutch cryptographer who formulated it in 1883: "A system should not depend on
secrecy, and it should be able to fall into the enemy's hands without disadvantage." In other
words, the security of a cryptographic system should depend on the security of the key, and
the key must be kept secret. Therefore, the secure management of keys is a primary task of
modern cryptographic systems.
The reasons for obeying to Kerckhoffs' Principle are obvious:
It is much more difficult to keep an algorithm secret than a key.
It is harder to exchange a compromised algorithm than to exchange a compromised key.
Secret algorithms can be reconstructed by reverse engineering of software or hardware
implementations.
Errors in public algorithms can generally be found more easily because many experts can
study it.
In history, most secret encryption methods have proved to be weak and inadequate.
Chapter 6. Cryptography
201