The paper may seem a little dated, but it is still taught as guiding principles in some Universities (MIT, Berkley, UCLA).
The 4th Principle of Security is "Open Design". This is summarized as "The protection mechanism should not depend on attackers being ignorant of its design to succeed. It may however be based on the attacker's ignorance of specific information such as passwords or cipher keys."
Slashdot Mirror
The paper may seem a little dated, but it is still taught as guiding principles in some Universities (MIT, Berkley, UCLA). The 4th Principle of Security is "Open Design". This is summarized as "The protection mechanism should not depend on attackers being ignorant of its design to succeed. It may however be based on the attacker's ignorance of specific information such as passwords or cipher keys."