Chris Lawrence <news03@holosys.co.uk.invalid> wrote in
news:Pine.WNT.4.63.0609112310540.3792@holodeck3.ho losys.wlan:

....
>> Kerckhoff's principle recognizes that every secret is a potential
>> point of failure, and such points of failure should therefore be
>> minimized by "concentrating" all secrecy at one point, the key, which
>> can then be guarded without diffusing one's resources. A case of
>> accepting the violation of another principle - no single point of
>> failure - but compensating by guarding the one secret (i.e., the
>> potential point of failure) well.
>
> Exactly, "guarding" being the operative word, almost always coming
> down to a case of hiding something, for example a sequence of
> characters in your head, or keeping a car key separate from the car.


While hiding is the primary mechanism for most ordinary folk, there is an
alternative: prevention of dislosure by physical security including safes,
vaults, and guards (a literal application of guarding).

Safes, of course, are themselves protected by a secret (the combination or
physical key). We thus arrive at an interesting recursion problem :-)

Regards,