Security is a critical feature of our modern lives. With the number of things that rely on digital communications, security is basically fundamental now. Take the example of just connecting to a website. If the connection is securely encrypted, then you can be confident that the data sent between you and the web server is unmodified and unknown to everyone else. If you connect insecurely, any device that transmits or can see the transmission of your connection can see exactly what data is transmitted. In that scenario, any device that is part of the transmission chain between you and the server can also edit the data in transit.
The thing with all of this secrecy is that most of it isn’t secret at all. In fact, the entire encryption algorithm is public. Only a single part of the system needs to be secret in order for the encrypted messages to be secure. That’s the encryption key. Modern cryptography follows Kerckhoffs’s Principle from 1883: “a cryptosystem should be secure, even if everything about the system, except the key, is public knowledge.” Systems at that time typically relied on another principle: security through obscurity.
Security through obscurity
The concept of security through obscurity seems to make more sense at first. If the entire encryption system is secret, then how can anyone possibly decrypt the message? Unfortunately, while this makes sense, there are several major issues that it fails to account for. The main issue is simply that you can’t use the system without opening it up to the risk of it being exposed. If you implement it on a computer, it can be hacked. A physical machine can be stolen. If you only teach trusted people, they can be tricked or captured and tortured.
A classic example of such a system is the Caesar shift cipher. It is actually named after Julius Caesar, who used it for sensitive correspondence. Caesar ciphers substitute one letter for another by shifting the alphabet in a cyclical fashion. Caesar used a left shift of three, resulting in D becoming A. This is known from “Life of Julius Caesar” written by Suetonius in the year 56AD. It is unclear how secure that cipher was at the time. Such a scheme now would offer essentially no security. The reason for this is that the system relies on the system itself remaining secret. Technically it does use a key: the number of places shifted in the alphabet. The number of possible keys, though, is so small that all possible options can be easily tested, even by hand. This leaves only a lack of knowledge of the system as the protection factor.
The enemy knows the system
At some point, the enemy, whoever that might be, will probably be able to completely understand your system as if it were public. If your system is only secure if the system is secret, then when the system is understood, you need to replace it. This is costly and takes time. If instead your system only relies on the secrecy of a key, that is not only a lot easier to keep secret, but it’s easier to change too.
Complex and poorly documented systems are often hard to implement properly. They’re also hard to maintain, especially when they’re not being maintained by the creator. Enough documentation needs to exist so that legitimate users can use the system. This documentation can then be acquired by an adversary who then can gain a partial or full understanding of the system.
Additionally, proper cryptography is incredibly hard to do well, even for people familiar with the concepts. If a system is designed by a non-expert, there is a good chance that there are at least minor, if not major, flaws in it. A public system can be reviewed by all of the experts, over a period of decades. This gives a solid reason to believe that a well-known system is actually secure.
Security through obscurity is the concept of a system that is secure because the mechanism of the system is not understood. Unfortunately, it’s relatively easy to gain an understanding of the system, and then difficult to develop a sufficiently new system. Modern security systems, such as cryptography, are typically public and rely on the security of a secret key to protect the data they secure. The key can be changed at will. Many different keys can be used at once by different people with no adverse effect. It is much easier to secure a small key than an entire system. It is also much easier to change when it is compromised.