"Schneier's Law"
Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can’t break.
In 2004, Cory Doctorow called this Schneier’s law:
…what I think of as Schneier’s Law: “any person can invent a security system so clever that she or he can’t think of how to break it.”
The general idea is older than my writing. Wikipedia points out that in The Codebreakers, David Kahn writes:
Few false ideas have more firmly gripped the minds of so many intelligent men than the one that, if they just tried, they could invent a cipher that no one could break.
The idea is even older. Back in 1864, Charles Babbage wrote:
One of the most singular characteristics of the art of deciphering is the strong conviction possessed by every person, even moderately acquainted with it, that he is able to construct a cipher which nobody else can decipher.
My phrasing is different, though. Here’s my original quote in context:
Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can’t break. It’s not even hard. What is hard is creating an algorithm that no one else can break, even after years of analysis. And the only way to prove that is to subject the algorithm to years of analysis by the best cryptographers around.
And here’s me in 2006:
Anyone can invent a security system that he himself cannot break. I’ve said this so often that Cory Doctorow has named it “Schneier’s Law”: When someone hands you a security system and says, “I believe this is secure,” the first thing you have to ask is, “Who the hell are you?” Show me what you’ve broken to demonstrate that your assertion of the system’s security means something.
And that’s the point I want to make. It’s not that people believe they can create an unbreakable cipher; it’s that people create a cipher that they themselves can’t break, and then use that as evidence they’ve created an unbreakable cipher.
EDITED TO ADD (4/16): This is an example of the Dunning-Kruger effect, named after the authors of this paper: “Unskilled and Unaware of It: How Difficulties in recognizing One’s Own Incompetence Lead to Inflated Self-Assessments.”
Abstract: People tend to hold overly favorable views of their abilities in many social and intellectual domains. The authors suggest that this overestimation occurs, in part, because people who are unskilled in these domains suffer a dual burden: Not only do these people reach erroneous conclusions and make unfortunate choices, but their incompetence robs them of the metacognitive ability to realize it. Across 4 studies, the authors found that participants scoring in the bottom quartile on tests of humor, grammar, and logic grossly overestimated their test performance and ability. Although their test scores put them in the 12th percentile, they estimated themselves to be in the 62nd. Several analyses linked this miscalibration to deficits in metacognitive skill, or the capacity to distinguish accuracy from error. Paradoxically, improving the skills of participants, and thus increasing their metacognitive competence, helped them recognize the limitations of their abilities.
EDITED TO ADD (4/18): If I have any contribution to this, it’s to generalize it to security systems and not just to cryptographic algorithms. Because anyone can design a security system that he cannot break, evaluating the security credentials of the designer is an essential aspect of evaluating the system’s security.
Carlo Graziani • April 15, 2011 2:06 PM
From Phil Zimmerman’s original PGP docs, at http://www.cl.cam.ac.uk/PGP/pgpdoc1/pgpdoc1_29.html:
“When I was in college in the early seventies, I devised what I believed was a brilliant encryption scheme. A simple pseudorandom number stream was added to the plaintext stream to create ciphertext. This would seemingly thwart any frequency analysis of the ciphertext, and would be uncrackable even to the most resourceful Government intelligence agencies. I felt so smug about my achievement. So cock-sure.
Years later, I discovered this same scheme in several introductory cryptography texts and tutorial papers. How nice. Other cryptographers had thought of the same scheme. Unfortunately, the scheme was presented as a simple homework assignment on how to use elementary cryptanalytic techniques to trivially crack it. So much for my brilliant scheme.”
and
“I remember a conversation with Brian Snow, a highly placed senior cryptographer with the NSA. He said he would never trust an encryption algorithm designed by someone who had not earned their bones by first spending a lot of time cracking codes. That did make a lot of sense. I observed that practically no one in the commercial world of cryptography qualified under this criterion. “Yes”, he said with a self assured smile, “And that makes our job at NSA so much easier.” A chilling thought. I didn’t qualify either. ”
This sort of hard-earned humility is, I believe, the hallmark of a competent cryptographer (of which Zimmerman is of course an excellent example).