1. 14
  1.  

  2. 1

    In a sense, the fundamental problem in cryptosystems is distributing, managing, and correctly using secrets (‘keys’). If we can assume perfect key distribution and key management (including use) for arbitrary sized keys, we can use one-time pads and have totally secure communications

    This is not true. one time pads provide perfect confidentiality but zero integrity. The reason for this is that mallory can edit bits of the data by xoring it.

    The shorter the secret is (without being guessable in too short a time), the more random it is

    No this isn’t true at all. entropy is the measure of randomness and the length of a string does not affect its entropy (it just puts an upper bound on it): what increases entropy to pick things uniformly instead of bias, and to pick things from a large pool of possibilities.

    Also the justification of Kerchoff’s principle is not theoretical - as this post tries to argue. It is practical. We’ve learned that this is important for real attacks throughout history. From https://blog.cloudflare.com/a-note-about-kerckhoffs-principle/

    A great example of this is the breaking of the Nazi German Enigma cipher during the Second World War. By stealing machines, receiving information from other secret services, and reading the manuals, the Allies knew everything there was to know about how the Enigma machine worked.

    Engima’s security relied not on its secrecy, but on its complexity (and on keeping the daily key a secret). Engima was broken by attacking the mathematics behind its encryption and building special machines to exploit mathematical flaws in the encryption.

    1. 2

      This is not true. one time pads provide perfect confidentiality but zero integrity. The reason for this is that mallory can edit bits of the data by xoring it.

      True, but with no limits on key size we can add enough bits for a random linear message authentication code.

      The shorter the secret is (without being guessable in too short a time), the more random it is

      No this isn’t true at all. entropy is the measure of randomness and the length of a string does not affect its entropy

      The author does not present this as an implication, these are two of the three desirables — short, random, narrowly available.

      Also the justification of Kerchoff’s principle is not theoretical - as this post tries to argue. It is practical.

      The post argues it has both practical and also theoretical justifications. And arguably the theoretical justifications proposed summarise a subset but not all of the practical justifications (which is a reasonable thing for theoretical arguments to do).