Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!epiwrl!epimass!jbuck From: jbuck@epimass.EPI.COM (Joe Buck) Newsgroups: sci.crypt,comp.misc Subject: Re: public key encryption alg wanted... Message-ID: <1490@epimass.EPI.COM> Date: Sun, 13-Sep-87 18:14:59 EDT Article-I.D.: epimass.1490 Posted: Sun Sep 13 18:14:59 1987 Date-Received: Sun, 13-Sep-87 21:54:01 EDT References: <1372@osiris.UUCP> <441@polyslo.UUCP> <686@sugar.UUCP> Reply-To: jbuck@epimass.EPI.COM (Joe Buck) Organization: Entropic Processing, Inc., Cupertino, CA Lines: 43 Keywords: pascal preferred... Xref: mnetor sci.crypt:540 comp.misc:1228 In article <686@sugar.UUCP> peter@sugar.UUCP (Peter da Silva) writes: >> [...public key encryption...prime numbers...] > >Sounds like you'r talking about RSA public key encryption. This technique >is patented by Rivest, Shamir, and Adelman (? did I get these names right?). > >Therefore there is not now nor will there ever be (until the 17 or so years >is up, anyway) a public domain implementation of this. There is public-domain code (Dr. Dobbs' Journal and other places); whether it's legal to use is another matter. There are other number-theoretic public-key algorithms out there. Also, it's not clear to me that the RSA patent could withstand a well-financed challenge in court, and I suspect it will be thrown out eventually. The way the patent laws were set up, you can't patent a discovery or a mathematical truth. Until recently algorithms were considered unpatentable since they were seen as mathematical laws. There's a lot more than that to real software. But RSA is a straightforward application of Euler's Theorem. Also, R, S, and A didn't come up with the core concept of public-key encryption -- a "one way" transformation. Their contribution was to recognize a new way in which to use 200 (or more)-year-old number theory. Unless the license fees are kept very reasonable and low, the patent will be challenged and ruled invalid in the near future. A patent gives the patent holder grounds to sue someone who infringes on it. The government will not enforce the patent. It does not give a guarantee that the patent holder will emerge victorious; frequently the patent holder emerges without the patent (because it is ruled invalid). >If anybody knows anything about any of the non-patented public key systems, >(knapsack?), please post a followup. The knapsack approach has been broken; fast ways of solving knapsack problems are now known. -- - Joe Buck jbuck@epimass.epi.com {uunet,ucbvax,sun,decwrl,}!epimass.epi.com!jbuck Old arpa mailers: jbuck%epimass.epi.com@uunet.uu.net