>> Kerckhoff's principle believes only secrecy of the key provides security.
Kerckhoff的原理认为只有密钥的秘密才能提供安全性。Shannon's maxim states the enemy knows the system.
香农的格言说敌人知道这个系统。It's very hard to keep the details of a popular algorithm secret.
很难对流行算法的细节保密。Thinking you're achieving security like this is called security through obscurity.
认为您正在实现这样的安全性称为通过隐藏来实现安全性。It's when you rely on the secrecy of the designand the implementation of a system as your security.
当您依赖于系统的设计和实现的保密性作为安全性时。There could be many vulnerabilities in such a system, but if no one knows about a systemor its flaws, according to security through obscurity, attacks can be prevented.
这样的系统可能存在许多漏洞,但是如果没有人知道系统或它的缺陷,根据通过隐藏的安全性,攻击是可以预防的。Sounds like an ostrich sticking his head in the sand.
听起来像鸵鸟把头埋在沙子里。To really make a robust encryption algorithm, you've got to throw it out into the publicand let lots of cryptographers to try to find flaws.
要真正做出一个健壮的加密算法,你必须把它公布于众,让很多密码学家去寻找漏洞。Keeping it secret and doing all that work yourself is not the same.
保守秘密和自己做所有的工作是不一样的。Now, by pure logic, if the only way to make an algorithm secure is to let people pokeand prod at it, it can't be secret.
根据纯粹的逻辑,如果保证算法安全的唯一方法是让人们去戳它,它就不可能是秘密。What if the algorithm was compromised?
如果算法被破坏了呢?
Every single location the algorithm was implemented would need to be changed.
算法实现的每个位置都需要更改。That's hard to do.
这很难做到。It's easier to replace a key than an algorithm.
替换密钥比替换算法更容易。So if you suspect that a key is compromised, you can just select a different key.
因此,如果您怀疑某个密钥已被泄露,可以选择另一个密钥。In fact, you can even switch keys over specific time intervalsto limit the impact of any potential leak.
实际上,您甚至可以在特定的时间间隔内切换密钥,以限制任何潜在泄漏的影响。Switching encryption algorithms every year, on the other hand, is not as practical.
另一方面,每年交换加密算法并不实用。
转载于:https://www.cnblogs.com/sec875/articles/10321308.html
相关资源:微信小程序源码-合集4.rar