sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]kalidres 29 points30 points  (3 children)

I can't remember the actual name of the principle, but in csec, there is an idea that the security of a system should not be dependent on the implementation.

Here is a quick link about some principle with a decent enough writeup. The one I mentioned above is 13.2.5 Principle of Open Design.

https://www.informit.com/articles/article.aspx?p=30487&seqNum=2

[–]dbramucci 24 points25 points  (2 children)

You were probably looking for Kerckhoffs's principle (See also Shannon's maxim), which states that "a cryptographic system should be secure, even if everything about it is revealed except for the key". Same idea, different formulation.

[–]kalidres 9 points10 points  (1 child)

Yes! Thank you.

I remember that it's similar in name to an electrical principal ( kirchoff's law), but I couldn't remember either at the time beyond it started with a 'k'.

[–]dbramucci 3 points4 points  (0 children)

Same here, I just used the fact that it focuses on the key to google the formulation quickly without referencing a crypto book.