Kerckhoffs' principle - Wikipedia, the free encyclopedia
Bruce Schneier ties it in with a belief that all security systems must be designed to fail as gracefully as possible:
- "Kerckhoffs' principle applies beyond codes and ciphers to security systems in general: every secret creates a potential failure point. Secrecy, in other words, is a prime cause of brittleness—and therefore something likely to make a system prone to catastrophic collapse. Conversely, openness provides ductility."[2]
Eric Raymond extends this principle in support of open source security software, saying:
- "Any security software design that doesn't assume the enemy possesses the source code is already untrustworthy; therefore, never trust closed source."[3]