Transcript:
Common sense seems to dictate that the best way to keep a secret would be to hide the existence of the secret itself, and also hide the mechanism by which you protect your secrets. But that’s simply not what we do. At Storagepipe, we exclusively encrypt your data using open standards such as AES, SSL and TLS.
If any hackers are watching this video, they can easily use this information to locate the exact algorithm that we use to encrypt and protect our customer data. And we’re not the only ones. Banks, governments, police departments and hospitals all rely on these same publicly available open standards for the protection of their sensitive private information.
But why be so open? Is everyone in the IT security industry really that careless or irresponsible?
Auguste Kerckhoffs was a Dutch linguist and cryptographer who – in response to the recent invention of the telegraph – published several works during the 1880s which laid the foundation for modern cryptography. Incredibly, the principles he’d put forward have continued to be applied, long after the death of the telegraph.
One of Kerckhoffs’ most important principles was that the design of an encryption system should not require secrecy. In his vision, encryption technologies should ideally work using 2 components:
- An encryption key
- and an encryption “machine”
Although the encryption key should be kept secret, the security of an encryption machine should never depend on the secrecy of its algorithm.
In fact, it should always be assumed that your enemy will eventually find out how your encryption machine works!
During World War 2, Hitler’s military didn’t believe in Kerckhoffs’ principle. And our good friend Alan Turing was able to demonstrate the consequences of violating these principles, when helping to defeat the Nazis.
Today, this idea is taken to the furthest extremes. When it comes to encryption, we exclusively rely on algorithms that have actually been published and tested at a large scale, by the world’s most talented encryption experts.
Some will argue that hiding in obscurity is the best way to keep secrets hidden. But this only provides a false sense of security.
The nature of secrets is that – as they accumulate in volume – they become harder to hide.
By following Kerckhoffs’ principle, you ensure that the encryption key is the only secret that you need to keep. And by minimizing your secrets, you increase security.
It’s been over 130 years since Kerckhoffs first published his principles for secure encryption. And incredibly, they are just as applicable today as they were when he’d first published them back in the 1880s.