Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!husc6!mit-eddie!ll-xn!ames!lll-tis!lll-risky!tjt From: tjt@lll-risky.arpa (Tim Tessin) Newsgroups: sci.crypt,comp.misc Subject: Re: public key encryption and RSA patent status Message-ID: <106@lll-risky.arpa> Date: Fri, 25-Sep-87 18:35:26 EDT Article-I.D.: lll-risk.106 Posted: Fri Sep 25 18:35:26 1987 Date-Received: Sun, 27-Sep-87 05:47:55 EDT Reply-To: tjt@lll-tis.arpa (Tim Tessin) Lines: 89 Keywords: RSA patent Xref: mnetor sci.crypt:574 comp.misc:1327 In article <615@rocky.STANFORD.EDU> andy@rocky.UUCP (Andy Freeman) writes: > > Since no one has bothered to actually look up the RSA patent to find > out what is covered, various people on the net have assumed that what > it covers supports their position. One possibility is that it is for > the use of a certain integer function to encrypt digital information. > Another possibility is that it is for one way to encrypt digital information > using integer functions with certain properties. A third possibility is > that it covers encryption of digital information using integer functions > with certain properties. Bob's objection suggests that he thinks that the > RSA patent is one of the latter two. > ... > So Bob, what do you think the RSA patent covers? What do you think it > would be legitimate for it to cover? > > Andy Freeman Ok, here are the facts. Disclaimer: my description here of what our lawyers said may not fully render the legal opinion of the U.S. Government on this matter. First the patent itself: U.S. Patent # 4,405,829 Title: Cryptographic communications system and method Inventors: Rivest, Shamir, Adleman Assignee: Massachusetts Institute of Tech. Filed: Dec. 14, 1977 Granted: Sep. 20, 1983 40 Claims, 7 Drawing Figures Abstract: A cryptographic communications system and method. The system includes a communications channel coupled to at least one terminal having an encoding device and to at least one terminal having a decoding device. A message-to-be-transferred is enciphered to ciphertext at the encoding terminal by first encoding the message as a number M in a predetermined set, and then raising that number to a first predetermined power (associated with the intended receiver) and finally computing the remainder, or residue, C, when the exponentiated number is divided by the product of two predetermined prime numbers (associated with the intended receiver). The residue C is the ciphertext. The ciphertext is deciphered to the original message at the decoding terminal in a similar manner by raising the ciphertext to a second predetermined power (associated with the intended receiver), and then computing the residue, M', when the exponentiated ciphertext is divided by the product of the two predetermined prime numbers associated with the intended receier. The residue M' corresponds to the original encoded message M. There follows a detailed description of the math and examples are given. Then come the claims (which are the actual legal claims to which infringement protection is given). The claims basically state (there are 40 of them) that rendering this algorithm into hardware or rendering the specific methods to encrypt a message into an implementation (such as a software package), and combining them with a communications channel of any kind, is protected. Note the significance of the term METHOD. ANY methodical, repeatable use of the steps required to encrypt a message using the algorithm is protected! This means coding the RSA algorithm and combining it with a communications channel without an agreement with the RSA company is an infringment. Barring any procedural errors MIT and RSA made in obtaining the patent (a low probability) and barring excruciating analysis of the patent to determine just exactly how one might implement a crypto-system without infringment, the legal-eagles say you're screwed. (This is if you are a commercial venture. Exactly what the U.S. Government has as patent rights are still being determined. The research was partly funded by the U.S. Government and it retains some rights.) Of course, the burden of a patent infringment suit is on RSA. They must sue you to gain an infringment judgement. Do you feel lucky? You are free to use the math to provide any other product other than a cryptographic comunications system. Presumably, you could use the algorithm to encrypt files stored locally, as long as you didn't transmit them anywhere and have someone decrypt them (but this is not a legal opinion). Hope this clears things up a bit. (You Government sites, don't touch that dial! More to follow when it comes in.) Tim Tessin - Lawrence Livermore National Laboratory Phone: (415) 423-4560 / 422-8971 ARPA: tjt@lll-tis.ARPA UUCP: {ihnp4,dual,sun}!lll-lcc!lll-tis!tjt