An extract translated from La cryptographie militaire (Military Cryptography) by Auguste Kerckhoffs published in 1883. Remember that encryption was to be carried out by hand using memorized information, which explains some of the more antiquated-looking principles below, but many still apply. Principle #1, and the explanation of it that follows, suggests the role of computationally intractable problems, which we will discuss later. Principle #2 is now known as Kerckhoffs' principle, and remains a cornerstone of cryptography.



REQUIREMENTS FOR A CRYPTOGRAPHIC SYSTEM

1. The system must be practically, if not mathematically, indecipherable.

2. The system must not be required to be secret; it should be able to fall into the hands of the enemy without causing any inconvenience.

3. It must be possible to communicate and remember the key without recourse to written notes, and to modify it whenever the correspondents wish.

4. It should be applicable to messages sent by telegraph.

5. It must be portable; its use must not require the cooperation of several people.

6. Finally, it is necessary, given the circumstances under which such systems are applied, that it be simple to use, requiring neither great mental effort nor a long series of rules to follow.

Everyone agrees on these last three points, but not on the first three.

Thus, there are people in authority who maintain that the absolute indecipherability of the cipher need not be considered a sine qua non for its use in the army, that the encrypted instructions transmitted in wartime have only a momentary importance and need not be held secret longer than three or four hours after they are given. That it is therefore of little importance if the meaning of a secret dispatch becomes known to the enemy several hours after it is intercepted; that it is enough, in a word, that the system be crafted in such a manner that its decipherment requires at least three or four hours of work. They add that the possibility of changing the key at will robs indecipherability of all its importance.

At first glance, this argument appears correct, but I believe that at bottom it is false. Indeed, I think that it forgets the fact that the secrecy of messages very often keeps its importance past the day that they are sent. Without listing all the eventualities that can arise, it is enough to cite the case where the commander of a city under siege sends information to the army that must come to its aid. Moreover, once someone has managed to decipher an intercepted message, every new dispatch, encrypted with the same key and likewise intercepted, can be read instantly. As a result, after a certain time, dispatches will be sent in all directions, and their decipherment will in a sense have been accomplished in advance---unless one allows that in an army corps all the encrypted messages come from a single person, or at least pass through the hands of a single person, which would reduce secret correspondence to an extremely modest role.

The ability to change the key at will is certainly an essential condition of every cryptographic system, but it is a deceptive advantage, which one cannot count on practically through the thousand adventures of a long military campaign.

As to the necessity of a secret system, which, in my view, constitutes the principal defect of ALL our cryptographic systems,  I will observe that in a sense it restricts the use of the cryptographic system exclusively to top commanders.  And here, by 'secret', I do not mean the key, but the material part of the system:  Tables, codebooks, or mechanical devices that are needed to apply the system.  Indeed, one need not invent imaginary phantoms nor doubt the honesty of employees and subordinates to understand that if  a secret system was known to too many individuals, it could be compromised by any use of it made by any of them.   This is enough to condemn the codebooks which are in use today in the army.

It will be objected that if we meet this goal (#2), it will scarcely be possible to create a completely indecipherable system.  Let's understand:  I know very well that to have under these conditions a system that is mathematically indecipherable is mathematically impossible.  But I claim, and not without good reason, that one can create systems that are, if not mathematically, at least practically, indecipherable, while still realizing the goals that I have set out above.

There is now serious reason for suggesting that the  minister of war replace the secret codebooks by some other, more practical system. If the administration wishes to profit from all the services that a well-crafted cryptographic system can render, it must absolutely renounce secret methods, and establish the principle that it will accept only systems that can be taught openly in our military schools, that our students are free to communicate to whomever they choose, and that our neighbors can copy and adopt if they wish.  I will say more:  It is only when our officers will have studied the principles of cryptography and learned the art of  decipherment that they will be able to avoid the many blunders that compromise the keys of the best systems.
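
The key-reuse argument in the extract, worked as an added example that is not part of Kerckhoffs's text: the Vigenère cipher stands in for a publicly known hand cipher (requirement 2) with a memorised key (requirement 3), and the keys and dispatches are constructed. Once one dispatch has been read, the key falls out of it and every later dispatch under that key is read at once, until the key is changed.

```python
# Added illustration; the cipher choice, keys and dispatches are assumptions
# made for this example, not material from the translated extract.
from string import ascii_uppercase as A

def vigenere(text, key, sign=1):
    """Encrypt (sign=1) or decrypt (sign=-1) A-Z text with a repeating key."""
    return "".join(
        A[(A.index(c) + sign * A.index(key[i % len(key)])) % 26]
        for i, c in enumerate(text)
    )

def recover_key(plaintext, ciphertext):
    """Given one deciphered dispatch, subtract plaintext from ciphertext to get
    the key stream, then return its shortest repeating period (the key)."""
    stream = "".join(
        A[(A.index(c) - A.index(p)) % 26] for p, c in zip(plaintext, ciphertext)
    )
    for n in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return stream[:n]

OLD_KEY = "VERDUN"  # constructed key shared by the correspondents
NEW_KEY = "SEDAN"   # constructed replacement key

FIRST = "SENDRELIEFTOTHEEASTGATEATDAWN"   # constructed dispatch
SECOND = "AMMUNITIONLASTSTHREEDAYSONLY"   # constructed dispatch

C1 = vigenere(FIRST, OLD_KEY)
C2 = vigenere(SECOND, OLD_KEY)      # same key reused
C3 = vigenere(SECOND, NEW_KEY)      # sent after a key change

def read_later_dispatches():
    """Model the analyst who has, by whatever effort, read the first dispatch."""
    key = recover_key(FIRST, C1)          # the key follows from one break
    reused = vigenere(C2, key, -1)        # read instantly: same key
    after_change = vigenere(C3, key, -1)  # old key no longer helps
    return key, reused, after_change

if __name__ == "__main__":
    key, reused, after_change = read_later_dispatches()
    print("recovered key:      ", key)
    print("second dispatch:    ", reused)
    print("after key change:   ", after_change)
```

The cipher's rules are fully visible in the code; only the key protects the dispatches, and only for as long as it is actually changed.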