Security is a critical feature of our modern lives.
With the number of things that rely on digital communications, security is basically fundamental now.
Take the example of just connecting to a website.
The thing with all of this secrecy is that most of it isnt secret at all.
In fact, the entire encryption algorithm is public.
Thats the encryption key.
Systems at that time typically relied on another principle: security through obscurity.
Contents
Security through obscurity
The concept of security through obscurity seems to make more sense at first.
If the entire encryption system is secret, then how can anyone possibly decrypt the message?
Unfortunately, while this makes sense, there are several major issues that it fails to account for.
If you implement it on a computer, it can be hacked.
A physical machine can be stolen.
If you only teach trusted people they can be tricked or captured and tortured.
A classic example of such as system is the Caesar shift cipher.
It is actually named after Julius Caesar, who used it for sensitive correspondence.
Caesar ciphers adjust the transpose one letter for another in a cyclical fashion.
Caesar used a left shift of three, resulting in D becoming A.
This is known from Life of Julius Caesar written by Suetonius in the year 56AD.
It is unclear how secure that cipher was at the time.
Such a scheme now would offer essentially no security.
The reason for this is that the system relies on the system remaining secret.
Technically it does use a key, that key is the number of places shifted in the alphabet.
This leaves only a lack of knowledge of the system as the protection factor.
This is costly and takes time.
Complex and poorly documented systems are often hard to implement properly.
Theyre also hard to maintain, especially when theyre not being maintained by the creator.
Enough documentation needs to exist so that legitimate users can use the system.
Additionally, proper cryptography is incredibly hard to do well even for people familiar with the concepts.
A public system can be reviewed by all of the experts, over a period of decades.
This gives a solid reason to believe that a well-known system is actually secure.
The key can be changed at will.
Many different keys can be used at once by different people with no adverse effect.
It is much easier to secure a small key than an entire system.
It is also much easier to change when it is compromised.
