Encryption Security

  • Friedrich L. Bauer


Passwords serve to select a method from a class of methods, and keys especially to select encryption steps from an encryption system. It is wise to assume pessimistically that the enemy knows what method has been chosen—there are not too many of them, and most cryptographers are familiar with only a few. The ‘basic law of cryptology’, which Kerckhoffs1 had formulated as “il faut qu’il puisse sans inconvénient tomber entre les mains de l’ennemi” was expressed more succinctly by Shannon in 1949: “the enemy knows the system being used.” It follows that one must be particularly careful in the choice of a key. It is a serious mistake to use obvious words. Porta gave the express warning: “the further removed the key words are from common knowledge, the greater the security they provide.” The use of keys had hardly become common practice before unauthorized persons succeeded in decrypting messages by guessing the key word.


Probable Word Code Book Encrypt Message Commercial Vendor National Security Agency 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Auguste Kerckhoffs (1835–1903), Flemish professor (La cryptographie militaire, 1883).Google Scholar
  2. 2.
    Marcel Givierge, French general, successful cryptanalyst in the Second World War, author of Cours de Cryptographie, Paris 1925.Google Scholar
  3. 3.
    Already in 1930, Lieutenant Henno Lucan, Second Signals Officer of the battleship Elsaß, pointed out in a study a weakness of the ENIGMA. With the introduction of the plugboard, the worries seemed to be banished.Google Scholar
  4. 4.
    Claude E. Shannon, A Mathematical Theory of Cryptography. Internal Report, September 1, 1945. Published in: Communication Theory of Secrecy Systems. Bell System Technical Journal 28, 656–715 (October 1949).Google Scholar
  5. 5.
    Escrowed Encryption Standard (EES), Federal Information Processing Standards Publication (FIPS PUB) 185, Feb. 9, 1994.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Friedrich L. Bauer
    • 1
  1. 1.Department of Computer ScienceMunich Institute of TechnologyMunichGermany

Personalised recommendations