Howdy!
"Security through obscurity" refers to the concept of
hiding the mechanisms that provide the security rather
than key security. If everyone can find out how the
lock works, weaknesses in the mechanism become exposed.
If knowing how the lock works does not make discerning
a specific key usefully easier, the lock is that much
stronger.
Now, using secrecy laws to try to obscure the innards of
crypto gear does arguably fall under that term.
Securing passwords (keys) does not constitute "security
through obscurity". Deliberately opting to stay with an
old, less well known system because less people are
familiar with cracking it does constitute "security
through obscurity". I hope you see the difference.
yours,
Michael |