The goal should be to have an algorithm that is
as close to unassailable as possible. And indeed, this is the first of
Kerckhoffs's six stated design goals.
To clarify, Kerckhoffs suggested that if secret messages were to fall into
enemy hands, that "should not be a problem". He suggested that the system
itself should be "indecipherable" - meaning illegible, incomprehensible,
not understandable.
After a careful reading of Kerckhoffs's writings, it becomes clearer that
he viewed systems which relied on "secrecy" as being rival alternatives to
cryptography - either you use one or the other, but not both.
He cited several examples of secrecy, all of which were in the context of
HUMANS holding the secrets. For example, a system where a "dictionary" may
have been used to disclose the "secret" meaning of words. Disclosing the
secret (i.e. dictionary falling into enemy hands) would forever compromise
the system.
Cryptography, on the other hand, was a system which relied on tables which
depicted the transposition of alphanumeric characters at row-column
intersections, where the transposition could be modified by a key.
Cryptography tables and keys in and of themselves are "indecipherable".
Tables and keys could be changed at a moment's notice. Thus systems which
relied entirely on humans keeping a secret - which would be forever
compromised if the secret were revealed - were viewed negatively.
Kerckhoffs probably could not have imagined a secret encryption algorithm
being hidden in an electronic computational device. If he had, he might
well have recommended it so long as it remained "indecipherable".