Is "open source encryption" an oxymoron?

If we know the source code of a program, what is there left that we don't know? (Wouldn't knowing the source code tell you exactly what a program does, without exception?)

If there's anything we cannot know from looking at the source code of an algorithm, what good is the source code?

How does an encryption program work if its source code is open for review, and how does one know that it DOES work, if the source code can be reviewed, but something is left unknown?

2011-06-17T12:17:09Z

How can a private key, or password, be kept secret if the program is open source, or what good is the source if something is still unknown?

If the private key is manually created by somebody outside of the program, wouldn't the program need to know how to handle it? (And wouldn't one know if he had the source code?)

?2011-06-17T03:35:49Z

Favorite Answer

The encryption uses two keys. The public key is known to all. But the private key, or in layman's terms the password, is kept secret. This private key is also needed for decryption of the program, a key that not everyone knows. Hence open source encryption is not an oxymoron.

Masked Musketeer 2011-06-17T10:34:25Z

When a file is encrypted, you need a key to actually decrypt it. Knowing the source code and algorithms is not enough and doesn't actually help you break the encryption.

Classical Liberal Jochan 2011-06-17T10:40:57Z

Yes, I would say so.