Why openness is best — even in cryptography. (Especially in cryptography?)
“Cryptography is hard, and almost all cryptographic systems are insecure. It takes the cryptographic community, working over years, to properly vet a system. Almost all secure cryptographic systems were developed with public and published algorithms and protocols. I can’t think of a single cryptographic system developed in secret that, when eventually disclosed to the public, didn’t have flaws discovered by the cryptographic community. And this includes the Skipjack algorithm and the Clipper protocol, both NSA-developed.”
Excerpt from Brice Schneier’s latest Cryptogram newsletter.