Kerckhoffs' Requirements are general cryptosystem requirements formulated in 1883 (from the Handbook of Applied Cryptography):
- 1. The system should be, if not theoretically unbreakable, unbreakable in practice.
- Of course there are no realized systems which are "theoretically unbreakable," but there is also little point in using kid sister encryption.
- 2. Compromise of the system details should not inconvenience the correspondents.
- Nowadays we generally assume that the enemy will have full details of the cipher, since, for a cipher to be widely used, it must be present at many locations and is therefore likely to be exposed. We also assume that the enemy will have some amount of known-plaintext to work with.
- 3. The key should be rememberable without notes and easily changed.
-
- This is still an issue. Hashing allows us to use long language phrases, but the best approach may someday be to have both a hardware key card and a key phrase.)
- 4. The cryptogram should be transmissible by telegraph.
- This is where the list begins to show its age. The intention is that nonstandard characters are not used (made up letters, etc). A more appropriate rule for this day and age would be a requirement of binary transmission.
- 5. The encryption apparatus should be portable and operable by a single person.
- Modern encryption software approaches this ideal.)
- 6. The system should be easy, requiring neither the knowledge of a long list of rules nor mental strain.
- Software encryption has the potential to approach this, but often fails to do so. eg, certifying public keys, etc.)