Kerckhoffs’s principle holds that the security of a cryptographic system should depend only on the secrecy of the key, not on the secrecy of the algorithm. In other words, you should be able to publish exactly how your cipher works and still be safe, because everything an adversary needs except the key is allowed to be public. This is the formal version of the warning against “security through obscurity.”
The principle comes from Auguste Kerckhoffs, who set it out in his 1883 work “La cryptographie militaire,” published in the Journal des sciences militaires. Writing about practical military cipher systems, he laid down a set of requirements for a usable field cipher, the most enduring of which is that the system must not require secrecy and can fall into the enemy’s hands without causing harm, as long as the key stays secret.
The reasoning is practical, not merely theoretical. Algorithms are hard to keep secret: they are implemented in devices and software that can be captured, reverse-engineered, or leaked, and once an algorithm is exposed it cannot be quietly replaced everywhere. A key, by contrast, is small and easy to change, so concentrating all the secrecy in the key makes a system far more robust.
This principle became a foundation of open cryptographic design. Modern standards like AES are published in full detail and subjected to years of public scrutiny precisely because surviving open analysis is the best evidence of strength. A cipher whose security depends on its design staying secret is considered untrustworthy; a cipher that stays secure under full public knowledge of its design is the goal.
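As an added illustration (not code from the original article), the contrast below puts a constructed toy scheme whose only secret is its own code next to a scheme built from published primitives (HMAC-SHA256 as a PRF in counter mode, encrypt-then-MAC) in which the key is the only secret; the function names and the toy permutation table are invented for this example.

```python
import hashlib
import hmac
import secrets

# --- Constructed "secret algorithm" scheme: no key, all secrecy lives in the code ---
# Hypothetical toy for illustration only; the transform is a fixed byte permutation.
_SECRET_TABLE = bytes((i * 7 + 3) % 256 for i in range(256))  # 7 is odd, so bijective

def obscure_encrypt(msg: bytes) -> bytes:
    return bytes(_SECRET_TABLE[b] for b in msg)

def recover_after_leak(ct: bytes) -> bytes:
    # Once the code is captured, inverting the table recovers every message ever sent,
    # and there is no key to rotate: the only remedy is to replace the algorithm itself.
    inverse = {v: i for i, v in enumerate(_SECRET_TABLE)}
    return bytes(inverse[b] for b in ct)

# --- Kerckhoffs-style scheme: the construction is fully public, only `key` is secret ---
# Keystream = HMAC-SHA256(enc_key, nonce || counter) blocks; tag = HMAC-SHA256 over
# nonce || ciphertext; enc and mac subkeys are domain-separated from the one key.
def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    for counter in range((length + 31) // 32):
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(out[:length])

def open_encrypt(key: bytes, msg: bytes, nonce: bytes = b"") -> bytes:
    nonce = nonce or secrets.token_bytes(16)  # fresh per message; never reuse under one key
    ks = _keystream(_subkey(key, b"enc"), nonce, len(msg))
    ct = bytes(m ^ k for m, k in zip(msg, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_decrypt(key: bytes, blob: bytes):
    # Returns the plaintext, or None on a wrong key or any tampering (constant-time check).
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))
```

Publishing the second scheme's source changes nothing for an adversary without `key`, and responding to a key compromise means generating a new 32-byte key rather than redeploying an algorithm.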