If I take a letter, lock it in a safe, hide the safe somewhere in New York, then tell you to read the letter, that's not security. That's obscurity. On the other hand, if I take a letter, and lock it in a safe, and then give you the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that you and the world's best safecrackers can study the locking mechanism -- and you still can't open the safe and read the letter -- that's security.
-- Bruce Schneier (1963-), Applied Cryptography, 2nd Edition, p. xix (1996)
No comments:
Post a Comment