From: rior...@clvax1.cl.msu.edu (Mark Riordan)
Newsgroups: sci.crypt
Subject: Conversation with RSA Data Security
Message-ID: <1990Sep6.150457.26665@msuinfo.cl.msu.edu>
Date: 6 Sep 90 15:04:57 GMT
Sender: ne...@msuinfo.cl.msu.edu
Organization: Michigan State University
Lines: 75
Posted: Thu Sep  6 16:04:57 1990

Yesterday I had a phone conversation with Burt Kaliski of
RSA Data Security, Inc.  He gave me his opinions on some of
the patent-related questions I have raised here in sci.crypt.
I summarize our conversation below.
Mr. Kaliski is a cryptographic systems scientist, not a lawyer,
and his opinions--though probably well-informed--should be
viewed in that light.

RSA Data Security (I forgot to ask their relationship with
PK Associates) claims only a patent on RSA, not on the general
concept of public key encryption.  In fact, the patent covers only
certain uses of RSA; if you found a way to use the RSA algorithms
to clean your laundry, it probably wouldn't be covered by the patent.

It's "hard to say" whether my proposed use of RSA would violate
their patent.  Let me quickly summarize my intended use here:
I wish to add security enhancements to NNTP, the Usenet news
server.  The enhancements would eliminate the need for a newsreader 
to send a plaintext password to NNTP, as is currently done with the 
(relatively new) AUTHINFO command.  Under my proposed scheme,
NNTP would generate a new encryption/decryption key pair for
each transaction, and would send the encryption key to the 
newsreader (presumably over an insecure broadcast network 
like Ethernet).  The reader would encrypt the user's password
with the key and send the ciphertext to the NNTP server.  The
NNTP server would be able to decrypt the password and check
its validity, but eavesdroppers on the network would be unable 
to decrypt it.

Since this use of RSA apparently isn't quite what's mentioned in 
the patent, it might not be covered by the patent.

As for putting an RSA implementation in the public domain:
it's probably OK, but it could be considered as "inciting infringement".
Certainly any recipients of the public domain system who use
it in a manner covered by the patent would have to license
the technology from the patent holder.

Burt Kaliski indicated that his company wasn't very interested
in pursuing borderline, public-domain cases like mine from a
legal point of view.  (Of course, an informal remark like that 
doesn't mean much.)  However, RSA Data Security is concerned
about protecting their reputation.  If I publicly stated that
my code was an RSA implementation, they'd be concerned 
about the quality of my implementation and might very well
insist upon my licensing their proven code.  If a shoddy product
went around advertising itself as an "RSA implementation",
RSA's reputation would suffer.

Kaliski says that he is aware of three public key patents, though
there may well be others:
1.  RSA.
2.  Knapsack.
3.  Diffie-Hellman discrete logarithm.  This one probably covers
    any system based on discrete logarithms.

He says that I could probably find several public key systems in
recent literature which haven't (yet) been patented.  In fact,
one of my recent correspondents described to me a system 
which seems to be practical and to not be covered by existing
patents.

With all of this, I have decided for now to not distribute my RSA
code, and to pursue some other non-patented system for use in
my application.  Again, I would hope to put my code in the 
public domain if and when I complete it.

By the way, RSA Data Security can be reached at (415)595-8782
or  well!r...@apple.com   or   r...@well.sf.ca.us
The president's name is Jim Bidzos.  RSA licensing fees range from
about $25/user for internet mail signature purposes, to
about $250/user for commercial encryption systems.
(I think I got that right.)

Mark Riordan  Michigan State University  rior...@clvax1.cl.msu.edu
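
The password exchange proposed in the post above, sketched as an added example (not part of the original post and not its author's code). It uses unpadded textbook RSA built from the Python standard library to stay self-contained; the public exponent, key size, `0x01` prefix byte and all function names are assumptions, and a deployed system would use a vetted library with OAEP padding.

```python
import hmac
import secrets

E = 65537  # public exponent: an assumption, the post names no parameters

def is_probable_prime(n, rounds=24):  # Miller-Rabin, random bases, for n >= 2
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    while True:
        # Top two bits set so p*q has 2*bits bits; low bit set so p is odd.
        p = secrets.randbits(bits) | (3 << (bits - 2)) | 1
        if p % E != 1 and is_probable_prime(p):  # p % E != 1 keeps E invertible
            return p

def server_new_keypair(prime_bits=512):
    """Server: fresh key pair for ONE transaction. Returns ((n, e), d)."""
    p = q = random_prime(prime_bits)
    while q == p:
        q = random_prime(prime_bits)
    return (p * q, E), pow(E, -1, (p - 1) * (q - 1))

def client_encrypt(password: bytes, pub):
    """Newsreader: encrypt the password under the key the server just sent."""
    n, e = pub
    m = int.from_bytes(b"\x01" + password, "big")  # 0x01 keeps leading zero bytes
    if m >= n:
        raise ValueError("password too long for this modulus")
    return pow(m, e, n)

def server_check(ciphertext: int, pub, d, stored: bytes):
    """Server: decrypt with this transaction's private key and compare."""
    m = pow(ciphertext, d, pub[0])
    plain = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return hmac.compare_digest(plain, b"\x01" + stored)
```

A ciphertext recorded in one transaction does not verify in the next, because the server then holds a different private key. The server's key is sent unauthenticated, so the exchange addresses only the passive eavesdropping the post describes.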