Secrecy is the practice of hiding information from certain individuals or groups who do not have the "need to know", perhaps while sharing it with other individuals. That which is kept hidden is known as the secret.
Secrecy is often controversial, depending on the content or nature of the secret, the group or people keeping the secret, and the motivation for secrecy.
Secrecy by government entities is often decried as excessive or in promotion of poor operation[ by whom? ]; excessive revelation of information on individuals can conflict with virtues of privacy and confidentiality. It is often contrasted with social transparency.
Secrecy can exist in a number of different ways: encoding or encryption (where mathematical and technical strategies are used to hide messages), true secrecy (where restrictions are put upon those who take part of the message, such as through government security classification)[ citation needed ] and obfuscation, where secrets are hidden in plain sight behind complex idiosyncratic language (jargon) or steganography.
Another classification proposed by Claude Shannon in 1948 reads that there are three systems of secrecy within communication: [1]
Animals conceal the location of their den or nest from predators. Squirrels bury nuts, hiding them, and they try to remember their locations later. [2]
Humans attempt to consciously conceal aspects of themselves from others due to shame, or from fear of violence, rejection, harassment, loss of acceptance, or loss of employment. Humans may also attempt to conceal aspects of their own self which they are not capable of incorporating psychologically into their conscious being. Families sometimes maintain "family secrets", obliging family members never to discuss disagreeable issues concerning the family with outsiders or sometimes even within the family. Many "family secrets" are maintained by using a mutually agreed-upon construct (an official family story) when speaking with outside members. Agreement to maintain the secret is often coerced through "shaming" and reference to family honor. The information may even be something as trivial as a recipe.[ citation needed ]
Secrets are sometimes kept to provide the pleasure of surprise. This includes keeping secret about a surprise party, not telling spoilers of a story, and avoiding exposure of a magic trick.[ citation needed ]
Keeping one’s strategy secret – is important in many aspects of game theory.[ citation needed ]
In anthropology secret sharing is one way for people to establish traditional relations with other people. [3] A commonly used[ citation needed ] narrative that describes this kind of behavior is Joseph Conrad's short story "The Secret Sharer".[ citation needed ]
Governments often attempt to conceal information from other governments and the public. These state secrets can include weapon designs, military plans, diplomatic negotiation tactics, and secrets obtained illicitly from others ("intelligence"). Most nations have some form of Official Secrets Act (the Espionage Act in the U.S.) and classify material according to the level of protection needed (hence the term "classified information"). An individual needs a security clearance for access and other protection methods, such as keeping documents in a safe, are stipulated. [4]
Few people dispute the desirability of keeping Critical Nuclear Weapon Design Information secret, but many believe government secrecy to be excessive and too often employed for political purposes. Many countries have laws that attempt to limit government secrecy, such as the U.S. Freedom of Information Act and sunshine laws. Government officials sometimes leak information they are supposed to keep secret. (For a recent (2005) example, see Plame affair.) [5]
Secrecy in elections is a growing issue, particularly secrecy of vote counts on computerized vote counting machines. While voting, citizens are acting in a unique sovereign or "owner" capacity (instead of being a subject of the laws, as is true outside of elections) in selecting their government servants. It is argued that secrecy is impermissible as against the public in the area of elections where the government gets all of its power and taxing authority. In any event, permissible secrecy varies significantly with the context involved.[ citation needed ]
Organizations, ranging from multi-national for profit corporations to nonprofit charities, keep secrets for competitive advantage, to meet legal requirements, or, in some cases, to conceal nefarious behavior. [ citation needed ]New products under development, unique manufacturing techniques, or simply lists of customers are types of information protected by trade secret laws.
Research on corporate secrecy has studied the factors supporting secret organizations. [6] In particular, scholars in economics and management have paid attention to the way firms participating in cartels work together to maintain secrecy and conceal their activities from antitrust authorities. [7] The diversity of the participants (in terms of age and size of the firms) influences their ability to coordinate to avoid being detected.
The patent system encourages inventors to publish information in exchange for a limited time monopoly on its use, though patent applications are initially secret. Secret societies use secrecy as a way to attract members by creating a sense of importance.[ citation needed ]
Shell companies may be used to launder money from criminal activity, to finance terrorism, or to evade taxes. Registers of beneficial ownership aim at fighting corporate secrecy in that sense. [8]
Other laws require organizations to keep certain information secret, such as medical records (HIPAA in the U.S.), or financial reports that are under preparation (to limit insider trading). Europe has particularly strict laws about database privacy. [9]
Preservation of secrets is one of the goals of information security. Techniques used include physical security and cryptography. The latter depends on the secrecy of cryptographic keys. Many believe that security technology can be more effective if it itself is not kept secret. [10]
Information hiding is a design principle in much software engineering. It is considered easier to verify software reliability if one can be sure that different parts of the program can only access (and therefore depend on) a known limited amount of information.[ citation needed ]
Military secrecy is the concealing of information about martial affairs that is purposely not made available to the general public and hence to any enemy, in order to gain an advantage or to not reveal a weakness, to avoid embarrassment, or to help in propaganda efforts. Most military secrets are tactical in nature, such as the strengths and weaknesses of weapon systems, tactics, training methods, plans, and the number and location of specific weapons. Some secrets involve information in broader areas, such as secure communications, cryptography, intelligence operations, and cooperation with third parties. [11]
US Government rights in regard to military secrecy were uphold in the landmark legal case of United States v. Reynolds , decided by the Supreme Court in 1953. [12]
Excessive secrecy is often cited [13] as a source of much human conflict. One may have to lie in order to hold a secret, which might lead to psychological repercussions.[ original research? ] The alternative, declining to answer when asked something, may suggest the answer and may therefore not always be suitable for keeping a secret. Also, the other may insist that one answer the question.[ improper synthesis? ]
Nearly 2500 years ago, Sophocles [ who? ] wrote: 'Do nothing secretly; for Time sees and hears all things, and discloses all.'.[ citation needed ] Gautama Siddhartha said: "Three things cannot long stay hidden: the sun, the moon and the truth.".
Cryptanalysis refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown.
In cryptography, encryption is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Despite its goal, encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.
In cryptography, the one-time pad (OTP) is an encryption technique that cannot be cracked, but requires the use of a single-use pre-shared key that is larger than or equal to the size of the message being sent. In this technique, a plaintext is paired with a random secret key. Then, each bit or character of the plaintext is encrypted by combining it with the corresponding bit or character from the pad using modular addition.
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security.
Steganography is the practice of representing information within another message or physical object, in such a manner that the presence of the concealed information would not be evident to an unsuspecting person's examination. In computing/electronic contexts, a computer file, message, image, or video is concealed within another file, message, image, or video. The word steganography comes from Greek steganographia, which combines the words steganós, meaning "covered or concealed", and -graphia meaning "writing".
Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both the encryption of plaintext and the decryption of ciphertext. The keys may be identical, or there may be a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link. The requirement that both parties have access to the secret key is one of the main drawbacks of symmetric-key encryption, in comparison to public-key encryption. However, symmetric-key encryption algorithms are usually better for bulk encryption. With exception of the one-time pad they have a smaller key size, which means less storage space and faster transmission. Due to this, asymmetric-key encryption is often used to exchange the secret key for symmetric-key encryption.
Kerckhoffs's principle of cryptography was stated by Dutch-born cryptographer Auguste Kerckhoffs in the 19th century. The principle holds that a cryptosystem should be secure, even if everything about the system, except the key, is public knowledge. This concept is widely embraced by cryptographers, in contrast to security through obscurity, which is not.
A null cipher, also known as concealment cipher, is an ancient form of encryption where the plaintext is mixed with a large amount of non-cipher material. Today it is regarded as a simple form of steganography, which can be used to hide ciphertext.
An Official Secrets Act (OSA) is legislation that provides for the protection of state secrets and official information, mainly related to national security. However, in its unrevised form, it can include all information held by government bodies.
As an ethic that spans science, engineering, business, and the humanities, transparency is operating in such a way that it is easy for others to see what actions are performed. Transparency implies openness, communication, and accountability.
Cryptography, the use of codes and ciphers to protect secrets, began thousands of years ago. Until recent decades, it has been the story of what might be called classical cryptography — that is, of methods of encryption that use pen and paper, or perhaps simple mechanical aids. In the early 20th century, the invention of complex mechanical and electromechanical machines, such as the Enigma rotor machine, provided more sophisticated and efficient means of encryption; and the subsequent introduction of electronics and computing has allowed elaborate schemes of still greater complexity, most of which are entirely unsuited to pen and paper.
Key exchange is a method in cryptography by which cryptographic keys are exchanged between two parties, allowing use of a cryptographic algorithm.
Concealment devices or diversion safes are used to hide things for the purpose of secrecy or security. They are made from an ordinary household object such as a book, a soda can, a candle, a can, or something as small as a coin. The idea is that such an inconspicuous object would not be expected to contain anything of worth.
A cryptosystem is considered to have information-theoretic security if the system is secure against adversaries with unlimited computing resources and time. In contrast, a system which depends on the computational cost of cryptanalysis to be secure is called computationally, or conditionally, secure.
In cryptography, a semantically secure cryptosystem is one where only negligible information about the plaintext can be feasibly extracted from the ciphertext. Specifically, any probabilistic, polynomial-time algorithm (PPTA) that is given the ciphertext of a certain message , and the message's length, cannot determine any partial information on the message with probability non-negligibly higher than all other PPTA's that only have access to the message length. This concept is the computational complexity analogue to Shannon's concept of perfect secrecy. Perfect secrecy means that the ciphertext reveals no information at all about the plaintext, whereas semantic security implies that any information revealed cannot be feasibly extracted.
End-to-end encryption (E2EE) is a private communication system in which only communicating users can participate. As such, no one else, including the communication system provider, telecom providers, Internet providers or malicious actors, can access the cryptographic keys needed to converse. End-to-end encryption is intended to prevent data being read or secretly modified, other than by the true sender and recipient(s). The messages are encrypted by the sender but the third party does not have a means to decrypt them, and stores them encrypted. The recipients retrieve the encrypted data and decrypt it themselves. Because no third parties can decipher the data being communicated or stored, for example, companies that provide end-to-end encryption are unable to hand over texts of their customers' messages to the authorities.
Tradecraft, within the intelligence community, refers to the techniques, methods, and technologies used in modern espionage (spying) and generally as part of the activity of intelligence assessment. This includes general topics or techniques, or the specific techniques of a nation or organization.
The sociological aspects of secrecy were first studied by Georg Simmel in the early-1900s. Simmel describes secrecy as the ability or habit of keeping secrets. He defines the secret as the ultimate sociological form for the regulation of the flow and distribution of information. Simmel put it best by saying "if human interaction is conditioned by the capacity to speak, it is shaped by the capacity to be silent." It also can control the very essence of social relations through manipulations of the ratio of "knowledge" to "ignorance".
Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.
In information security, message authentication or data origin authentication is a property that a message has not been modified while in transit and that the receiving party can verify the source of the message.
{{cite journal}}
: Cite journal requires |journal=
(help){{cite web}}
: |first=
has generic name (help)CS1 maint: numeric names: authors list (link)