I will take a look at that and get back to you on it.
Kerckhoffs's principle - Wikipedia
Some governments might keep their servers isolated from the internet, true. Most people don't really follow that Kerckhoff's principle; because they need to communicate. Therefore they need to rely upon encryption. Most also don't understand how it works. If suddenly the foundational principle were discovered to be wrong then the first party with the ability to crack any encryption codes -- that party could obtain almost any secured information with it. They would instantly be a super hacker. Without a lot of extra effort they could forge credentials, too.
So if one were to discover that key encryption was never going to be secure again, how should they go about protecting everyone from the results of that? What would be the smart way to reveal the truth? Call the local ambassador or what? Secretly publish a warning? Get rich first and then publish it?
I don't know if it's true that most people don't follow this principle as I haven't seen any statistics. Sure there are definitely government cyphers that are not revealed to the public, but there remains a very large public community in the cryptography field.
I think it's agreed upon that except maybe for One-Time Pads, all cyphers are vulnerable to brute force attacks...with enough time and computing power. We rely on the complexity and length of the key to extend the time that takes to an unreasonable amount. That means that as computing power increases, algorithms become obsolete and we need to find new ones. In that respect, I don't think it's worth wasting time worrying about decrypting keys: since we know how complex a key may be, we can determine how long it would take to decrypt it based on current computational resources. For instance, the now (hopefully) defunct Data Encryption Standard (DES):
In
1977, Diffie and Hellman proposed a machine costing an estimated
US$20 million which could find a DES key in a single day.
[1][28] By
1993, Wiener had proposed a key-search machine costing
US$1 million which would find a key within 7 hours...
The feasibility of cracking DES quickly was demonstrated in
1998 when a custom DES-cracker was built by the
Electronic Frontier Foundation(EFF), a cyberspace civil rights group, at the cost of approximately
US$250,000 (see
EFF DES cracker). Their motivation was to show that DES was breakable in practice as well as in theory: "
There are many people who will not believe a truth until they can see it with their own eyes. Showing them a physical machine that can crack DES in a few days is the only way to convince some people that they really cannot trust their security to DES." The machine brute-forced a key in a little more than 2 days' worth of searching.
The next confirmed DES cracker was the COPACOBANA machine built in
2006 by teams of the
Universities of Bochum and
Kiel, both in
Germany. Unlike the EFF machine, COPACOBANA consists of commercially available, reconfigurable integrated circuits. 120 of these
field-programmable gate arrays (FPGAs) of type XILINX Spartan-3 1000 run in parallel. They are grouped in 20 DIMM modules, each containing 6 FPGAs. The use of reconfigurable hardware makes the machine applicable to other code breaking tasks as well.
[29] One of the more interesting aspects of COPACOBANA is its cost factor. One machine can be built for approximately
$10,000.
[30]The cost decrease by roughly a factor of 25 over the EFF machine is an example of the continuous improvement of
digital hardware—see
Moore's law. Adjusting for inflation over 8 years yields an even higher improvement of about 30x. Since 2007,
SciEngines GmbH, a spin-off company of the two project partners of COPACOBANA has enhanced and developed successors of COPACOBANA. In 2008 their COPACOBANA RIVYERA reduced the time to break DES to less than one day, using 128 Spartan-3 5000's. SciEngines RIVYERA held the record in brute-force breaking DES, having utilized 128 Spartan-3 5000 FPGAs.
[31] Their 256 Spartan-6 LX150 model has further lowered this time.
In 2012, David Hutton and Moxie Marlinspike announced a system with 48 Xilinx Virtex-6 LX240T FPGAs, each FPGA containing 40 fully pipelined DES cores running at 400 MHz, for a total capacity of 768 gigakeys/sec. The system can exhaustively search the entire 56-bit DES key space in about 26 hours and this service is offered for a fee online.
[32][33]
What this demonstrates is that as Moore's Law expresses, as time passes, computer power increases resulting in more efficient brute-force attacks against algorithms. But it also demonstrates that until a certain point, decrypting a key through brute-force while technically possible, it's generally not feasible without access to supercomputers. One way of staving off that time is by increasing the complexity of the algorithms and keys: 3DES, Elliptic Curve (ECC), and cutting edge quantum and post-quantum cryptography serve that goal.
Lastly, it also demonstrates that studies on algorithms are ongoing and publicized. What we do worry about is finding exploits - flaws in the algorithms themselves or in their implementation. Aside from academic research, there are a number of well-known databases and forums for sharing zero-day exploits - and I think it wouldn't be wrong to say that a large chunk of our cyber security relies on these public forums. That's more often how cyphers become insecure, as is the case perhaps most famously with WEP and it's algorithm RC4, which can be cracked within minutes.
By publicizing this information, we all learn to be more secure and we all become engaged in the search for greater security. And I think that is the point of Kerchkoff's principle.
