Just before Thanksgiving break, I asked you to spend some time reflecting on lessons you’ve learned this semester about keeping secrets, given all the examples of cryptography and cryptanalysis we’ve seen this fall. Here’s what you came up with:

Lesson Learned (Part 1)Lesson Learned (Part 2)(Click on a photo to see a larger version.)

Here’s the same list, without all the nonlinear connections:

  • You can’t keep secrets forever.
  • Someone will break your cipher.
  • You don’t know how clever the enemy is.
  • Change ciphers frequently.
  • One of your allies will screw up / betray you.
  • Minimize errors through simple systems.
  • Keep your circle of allies small. (Trust no one few.)
  • Persistence / computing power will defeat you.
  • Assume the worst. Double check.
  • Use discretion in your plaintext.
  • Kerckhoff’s Principle: The strength of your system shouldn’t depend on keeping its mechanics secret.
  • Schneier’s Principle: Use a system lots of people have tried to break.
  • Prioritize your secrets. Which secrets? From whom?
  • Minimize ciphertext.

Be sure to draw on these lessons learned in your final papers on practical cryptography!