Cryptography-Digest Digest #71, Volume #14 Tue, 3 Apr 01 22:13:01 EDT
Contents:
Re: Data dependent arcfour via sbox feedback (Mok-Kong Shen)
Re: Public Domain MARS Implementation Source Code (Gregory G Rose)
Re: Royalty free use of Mars (Sami)
Re: patent issue (Mok-Kong Shen)
Re: Royalty free use of Mars (Mok-Kong Shen)
Re: quick LFSR question (really simple question) (Steve Portly)
Re: patent this and patent that ("Carpe Diem")
Re: quick LFSR question (really simple question) ("Tom St Denis")
Re: quick LFSR question (really simple question) (Steve Portly)
Re: quick LFSR question (really simple question) ("Tom St Denis")
Re: quick LFSR question (really simple question) (Steve Portly)
Re: quick LFSR question (really simple question) ("Tom St Denis")
Re: Public Domain MARS Implementation Source Code ("Roger Schlafly")
Re: Public Domain MARS Implementation Source Code ("Tom St Denis")
----------------------------------------------------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Data dependent arcfour via sbox feedback
Date: Wed, 04 Apr 2001 02:08:58 +0200
Terry Ritter wrote:
>
> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
>
> >John Savard wrote:
> >>
> >> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
> >>
> >> >Further, as I pointed out in another follow-up, many
> >> >schemes in Chap. 16 and 17 of Schneier's AC combine two
> >> >or more pseudo-random streams, i.e. two (or more) confusion
> >> >sources, to produce a stream that is presumably stronger.
> >> >i.e. a more-complex confusion result. Are these not in
> >> >clear and unambiguious conflict with the patent?
> >>
> >> Dynamic Substitution is a _particular way_ of combining two streams.
> >> XORing them together does not conflict with his patent.
> >
> >It is to be noted that xor is also a substitution and,
> >if one utilizes feed back, then the substituion is
> >'dynamic'.
>
> I doubt I would describe that as "dynamic," but in any case it is not
> Dynamic Substitution as formally described in the patent. Just
> because the title of the patent is: "Dynamic Substitution Combiner and
> Extractor," does not mean that it covers any possible thing which is
> "dynamic" and also some form of "substitution." The coverage is
> described in the claims, not the title.
>
> You are going out of your way to deliberately misrepresent the patent.
> Your claims about what it says do not make it say that. Like everyone
> else, you have the opportunity to read the patent and to learn how to
> interpret patent claims, if that is what you want to do. But since
> you continue to misrepresent what is there, it seems that what you
> really want to do is to whine, whine, whine about the unfairness of it
> all, rather then acquiring the background necessary for understanding.
My worry stems on the one hand from your claims of general
coverage in previous posts and on the other hand from
a diagram on you web page, which in my view seems to cover a
quite general feedback scheme. That's why I wanted to know
explicitly whether using feedback as such is or is not
violating your patent. Incidentally, feedback is a mechanism
that has interested me for some time. (A couple of my humble
crypto designs employ feedback.)
>
> All of our legal systems have problems. But the patent system at
> least puts the force of law in the hands of even tiny companies. In
> open competition in a free market, the big guys normally win. I think
> there is something to be said for an alternative, even if not ideal in
> many ways.
>
> In particular, I think the US government should undertake to prosecute
> every granted US patent in foreign countries so that the same
> limitations will apply across the global marketplace. I also think
> the US government should have a department to help enforce the patent
> grant. As I see it, the main problem with patents is not that they
> are too strong and intrusive, but that they are not strong enough.
Oh yes, it could certainly impose its laws onto foreign
countries and do the said 'prosecutions' through the help of
its mighty military forces. The day of the scenario you
described may in fact be nigh. Who knows the future for sure?
>
> >As I noted elsewhere, any block cipher is
> >substitution (of the block) and that CBC etc. introduces
> >'dynamics' in them, there being feedback.
>
> Oddly, just because you have "noted" something does not make it
> correct. That handwave description -- using a block cipher as a
> "substitution" -- is not Dynamic Substitution as defined in the
> patent.
>
> >Further, a
> >classical polyalphabetical substitution effects a
> >combination of the key stream and the plaintext stream.
> >If one employs auto-key with such substitution one again
> >has 'dynamics'.
>
> The specific aspect of "dynamic" in Dynamic Substitution is the
> permutation of values within a table. The table thus "changes," and
> is in that sense "dynamic." Selecting a different table might be
> "dynamic" in your personal language and your particular usage, but
> that does not make it correspond to the coverage of the patent. The
> title of the patent is not the coverage; to understand the coverage,
> one must deal with the claims.
On the other hand, in another post you seemed to claim that
generation of a very large table statically for later use
(through choice of columns analogoug to selection with key
in polyalphabetic substitution) would be considered as in
conflict with your patent, even though there is no dynamic
creation of table. This point is non-trivial as far as the
coverage goes and it is important to have a clarification of
that.
>
> >Anyway, the extremely general formualtion
> >in the patent of combining two streams to generate a more
> >complicated stream has certainly at least the problem of
> >confounding the readers.
>
> All patents confound readers at the beginning. They are extremely
> detailed and the arcane language has specialized meaning derived from
> patent law. Often there is a general understanding which can avoid
> the technical language of patent law, but generally one must have some
> background to understand the limits. Some readers move on to accept
> the law as a basis for understanding what is going on. Some don't,
> and then just complain, complain, complain.
>
> >If the patent specifies a very
> >particular encryption that is really new, then there is
> >nothing against the patenting. But then the formulation
> >of the patent should also be correspondingly special and
> >not use such general terms as we have seen in previous
> >posts.
>
> Alas, your interpretation of what should or should not be appropriate
> for the US patent system does not correspond to reality. It is
> probably silly for any small company to patent a detailed cipher,
> because in that case, small changes in the design will avoid the
> patent. The whole point of a patent is to create a limited-term
> monopoly that cannot be avoided if one wishes to use the advance which
> was disclosed. This supports the profit to repay the development
> effort, profit to encourage new effort, and helps to protect the new
> idea until it becomes established in the marketplace. And profit, of
> course, is just business as usual.
I don't have problems with the purposes of the patent laws,
nor with copyright. I think that they both have merits in
principle. Inventors should be rewarded. What worries me is
the 'practice' of having very general claims in the patent
documents, which, even if these are actually largely
restricted by (eventually present) other clauses of the same
documents, may cause undesirable confusions to other
practioners or potential inventors, mistakingly thinking
that all what they intend to do falls already in the domain
of these general claims. That I think would be very bad.
>
> >Note that the patent holder doesn't seem to be
> >considering that his patent is about a very special scheme
> >at all.
>
> All we need to note whether Dynamic Substitution is "special" is to
> count how many alternatives there are to building nonlinear dynamic
> combiners.
>
> So if you can be happy with something else, use it. But if you want a
> nonlinear dynamic combiner -- especially a reversible combiner --
> there is ample indication that my work is fairly "special."
I am not sure whether the term nonlinear combiner couldn't be
'interpreted' to encompass e.g. modular multiplication of two
entities, use of F-functions of DES, rotation of one entity
with modular addition of another, and use of a nonlinear PRNG
to process a bit stream. These are however in my view all prior
art.
>
> >In fact in a number of his posts he claimed that
> >the patent has rather general coverage.
>
> The patent says what it says. It stands on its own and doesn't need
> me to interpret it for you -- assuming you have the background to
> interpret it for yourself.
>
> There is a good reason a patent can be general, and that reason is
> that it covers completely new art, and thus does not have prior art
> which must be avoided. This is patenting as it is supposed to be: the
> public disclosure -- and protection -- of completely new work.
If something is completely new, it could hardly be 'general',
but, in contrary, singular/special/particular.
>
> >That's the problem.
>
> The problem? Really? But since you live outside the US, you can just
> steal my published ideas and even use them in your products -- as long
> as you don't ship product to the US. So how is any of this a
> "problem" for you? And if not for you, then who?
I don't have any personal plans to earn money in any field.
There is hence no personal 'problem' for me at all. Others
have raised though the point that the good intended purposes
of patent laws would be undermined, if the practice of granting
patents is improper, allowing persons to get patents without
actual novelty or with much more coverage than the underlying
ideas deserve. I guess that many people in this group have
a common (and unfavourable) opinion about e.g. Hitachi's
rotation patents.
M. K. Shen
------------------------------
From: [EMAIL PROTECTED] (Gregory G Rose)
Subject: Re: Public Domain MARS Implementation Source Code
Date: 3 Apr 2001 17:14:05 -0700
In article <jP6y6.1128$[EMAIL PROTECTED]>,
Nathan J. Yoder <[EMAIL PROTECTED]> wrote:
> This may sound like a trivial/stupid question, but I am looking for an
>implementation of MARS that has been released in the public domain. I have
This is a pretty meaningless concept, given that
MARS is patented by IBM. No matter who wrote the
code, it can never be considered public domain.
Royalty free, maybe (or maybe not... I thought
they only promised royalty free if it won), but
that isn't the same thing at all.
Greg.
--
Greg Rose INTERNET: [EMAIL PROTECTED]
Qualcomm Australia VOICE: +61-2-9817 4188 FAX: +61-2-9817 5199
Level 3, 230 Victoria Road, http://people.qualcomm.com/ggr/
Gladesville NSW 2111 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C
------------------------------
Subject: Re: Royalty free use of Mars
From: [EMAIL PROTECTED] (Sami)
Date: Wed, 04 Apr 2001 00:13:12 GMT
"M.S. Bob" <[EMAIL PROTECTED]> wrote in <[EMAIL PROTECTED]
edy>:
>Let's see, let's go to the MARS home page at IBM
><http://www.research.ibm.com/security/mars.html>.
>Oh, what's the link at the top of the page...
>"MARS is now available worldwide under a royalty-free license from
>Tivoli. Read the press release or contact Ron Silletti at 914-765-4373
>for more details"
><http://www.tivoli.com/news/press/pressreleases/en/2000/mars.html>
I am aware of the links and the press release. I'm just confused what
"royalty-free license from Tivoli" means and I have been trying to simply
confirm am I free to use it. Ron Silletti doesn't respond to emails.
- Sami
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: patent issue
Date: Wed, 04 Apr 2001 02:30:43 +0200
Tom St Denis wrote:
>
> I think authors should get credit for their work. I don't think others
> should use it without asking, that's just impolite. i think I can agree
> they prevent loss of money. The problem is when non-profit tasks require
> the device/algorithm etc...
You last sentence is subject of debate. There are pros and
cons. See the issue of genome patents. It's not that
simple as you might imagine.
>
> Like when RSA "threatened" me briefly about including RC5 in my Peekboo
> program.... I don't even live in the states and they couldn't do that
> legally (although they only called once, once they realized I am some dorky
> teen).
If you don't know the actual legal situations, you would
in such cases be fooled. But that's common in life.
Plenty of people try to fool others in diverse fields.
On the other hand, that's also one reason why lawyers can
earn their living. If everyone treats every others honestly,
fairly, correctly, etc. etc., or at least everyone is
knowledgeable enough in laws to aptly defend his rights in
court, do you think there would be any lawyers in the world?
M. K. Shen
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Royalty free use of Mars
Date: Wed, 04 Apr 2001 02:33:03 +0200
Sami wrote:
>
> I am aware of the links and the press release. I'm just confused what
> "royalty-free license from Tivoli" means and I have been trying to simply
> confirm am I free to use it. Ron Silletti doesn't respond to emails.
Maybe he has trouble because of Hitachi's patent claims.
(I mentioned that in a follow-up.)
M. K. Shen
------------------------------
From: Steve Portly <[EMAIL PROTECTED]>
Subject: Re: quick LFSR question (really simple question)
Date: Tue, 03 Apr 2001 20:00:51 -0500
Tom St Denis wrote:
> I am using an LFSR on my i8032 for a test... I need to know if this is good
> C code (i.e does the right LFSR)
>
> /* expand using LFSR (0,3,9,10,12) */
> for (x = 12; x < 76; ++x)
> tmp[x] = tmp[x-12] ^ tmp[x-10] ^ tmp[x-9] ^ tmp[x-3];
>
> The #'s represent the taps given by the LFSR maker I have found on the web.
> I want to know if I interpreted the taps correctly.
>
> Thanks,
> --
> Tom St Denis
> ---
> http://tomstdenis.home.dhs.org
Compiles ok. generates values from 51 to 32338.
------------------------------
From: "Carpe Diem" <[EMAIL PROTECTED]>
Subject: Re: patent this and patent that
Date: Tue, 3 Apr 2001 20:08:55 -0500
Patents ( on really new inventions ) are a way to reward somebody for the
work that has been done. You are saying that glory and fame should be enough
as a reward. The problem is that fame and glory are not very sweet when you
do not have the money to pay the rent.
Being rewarded economically provides you the *neccessary* means to do other
research, and invent other things.
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: quick LFSR question (really simple question)
Date: Wed, 04 Apr 2001 01:09:12 GMT
"Steve Portly" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Tom St Denis wrote:
>
> > I am using an LFSR on my i8032 for a test... I need to know if this is
good
> > C code (i.e does the right LFSR)
> >
> > /* expand using LFSR (0,3,9,10,12) */
> > for (x = 12; x < 76; ++x)
> > tmp[x] = tmp[x-12] ^ tmp[x-10] ^ tmp[x-9] ^ tmp[x-3];
> >
> > The #'s represent the taps given by the LFSR maker I have found on the
web.
> > I want to know if I interpreted the taps correctly.
> >
> > Thanks,
> > --
> > Tom St Denis
> > ---
> > http://tomstdenis.home.dhs.org
>
> Compiles ok. generates values from 51 to 32338.
Note that tmp is a 8-bit array...
I want to know if the taps are ok...
Tom
------------------------------
From: Steve Portly <[EMAIL PROTECTED]>
Subject: Re: quick LFSR question (really simple question)
Date: Tue, 03 Apr 2001 20:07:23 -0500
Steve Portly wrote:
> Tom St Denis wrote:
>
> > I am using an LFSR on my i8032 for a test... I need to know if this is good
> > C code (i.e does the right LFSR)
> >
> > /* expand using LFSR (0,3,9,10,12) */
> > for (x = 12; x < 76; ++x)
> > tmp[x] = tmp[x-12] ^ tmp[x-10] ^ tmp[x-9] ^ tmp[x-3];
> >
> > The #'s represent the taps given by the LFSR maker I have found on the web.
> > I want to know if I interpreted the taps correctly.
> >
> > Thanks,
> > --
> > Tom St Denis
> > ---
> > http://tomstdenis.home.dhs.org
>
> Compiles ok. generates values from 51 to 32338.
Forgot to use long data type range is 7830 to 2145517745.
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: quick LFSR question (really simple question)
Date: Wed, 04 Apr 2001 01:18:59 GMT
"Steve Portly" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Steve Portly wrote:
>
> > Tom St Denis wrote:
> >
> > > I am using an LFSR on my i8032 for a test... I need to know if this is
good
> > > C code (i.e does the right LFSR)
> > >
> > > /* expand using LFSR (0,3,9,10,12) */
> > > for (x = 12; x < 76; ++x)
> > > tmp[x] = tmp[x-12] ^ tmp[x-10] ^ tmp[x-9] ^ tmp[x-3];
> > >
> > > The #'s represent the taps given by the LFSR maker I have found on the
web.
> > > I want to know if I interpreted the taps correctly.
> > >
> > > Thanks,
> > > --
> > > Tom St Denis
> > > ---
> > > http://tomstdenis.home.dhs.org
> >
> > Compiles ok. generates values from 51 to 32338.
>
> Forgot to use long data type range is 7830 to 2145517745.
Ok what's your point. Assuming a) the taps are right and b) you don't start
the lfsr with all zero the range should be from 0 to the sizeof your data
type.
My question .... ARE THE BLOODY TAPS CODED RIGHT? ... Sorry... Just a bit
tired and I would like to know
Tom
------------------------------
From: Steve Portly <[EMAIL PROTECTED]>
Subject: Re: quick LFSR question (really simple question)
Date: Tue, 03 Apr 2001 20:24:35 -0500
Tom St Denis wrote:
> "Steve Portly" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> >
> >
> > Tom St Denis wrote:
> >
> > > I am using an LFSR on my i8032 for a test... I need to know if this is
> good
> > > C code (i.e does the right LFSR)
> > >
> > > /* expand using LFSR (0,3,9,10,12) */
> > > for (x = 12; x < 76; ++x)
> > > tmp[x] = tmp[x-12] ^ tmp[x-10] ^ tmp[x-9] ^ tmp[x-3];
> > >
> > > The #'s represent the taps given by the LFSR maker I have found on the
> web.
> > > I want to know if I interpreted the taps correctly.
> > >
> > > Thanks,
> > > --
> > > Tom St Denis
> > > ---
> > > http://tomstdenis.home.dhs.org
> >
> > Compiles ok. generates values from 51 to 32338.
>
> Note that tmp is a 8-bit array...
>
> I want to know if the taps are ok...
>
> Tom
It seems to me that it would depend on the particular application the chip is
used for, You do not have a schematic showing the pinouts?
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: quick LFSR question (really simple question)
Date: Wed, 04 Apr 2001 01:48:26 GMT
"Steve Portly" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Tom St Denis wrote:
>
> > "Steve Portly" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > >
> > >
> > > Tom St Denis wrote:
> > >
> > > > I am using an LFSR on my i8032 for a test... I need to know if this
is
> > good
> > > > C code (i.e does the right LFSR)
> > > >
> > > > /* expand using LFSR (0,3,9,10,12) */
> > > > for (x = 12; x < 76; ++x)
> > > > tmp[x] = tmp[x-12] ^ tmp[x-10] ^ tmp[x-9] ^ tmp[x-3];
> > > >
> > > > The #'s represent the taps given by the LFSR maker I have found on
the
> > web.
> > > > I want to know if I interpreted the taps correctly.
> > > >
> > > > Thanks,
> > > > --
> > > > Tom St Denis
> > > > ---
> > > > http://tomstdenis.home.dhs.org
> > >
> > > Compiles ok. generates values from 51 to 32338.
> >
> > Note that tmp is a 8-bit array...
> >
> > I want to know if the taps are ok...
> >
> > Tom
>
> It seems to me that it would depend on the particular application the chip
is
> used for, You do not have a schematic showing the pinouts?
What the heck are you yapping about? This is just an expanding LFSR
(instead of a ring buffer version).
Can you stop replying to this thread? Obviously you either misunderstand or
are being an asshole. (If you misunderstand that's ok maybe I am not
clear..... could be my fault).
Tom
------------------------------
From: "Roger Schlafly" <[EMAIL PROTECTED]>
Subject: Re: Public Domain MARS Implementation Source Code
Date: Wed, 04 Apr 2001 01:48:34 GMT
"Gregory G Rose" <[EMAIL PROTECTED]> wrote in message
news:9adp0d$[EMAIL PROTECTED]...
> In article <jP6y6.1128$[EMAIL PROTECTED]>,
> Nathan J. Yoder <[EMAIL PROTECTED]> wrote:
> > This may sound like a trivial/stupid question, but I am looking for
an
> >implementation of MARS that has been released in the public domain. I
have
> This is a pretty meaningless concept, given that
> MARS is patented by IBM. No matter who wrote the
> code, it can never be considered public domain.
> Royalty free, maybe (or maybe not... I thought
> they only promised royalty free if it won), but
> that isn't the same thing at all.
What's the difference? IBM has made Mars royalty-free whether it wins
or not. An implementation is public domain if there are no claims against
it.
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Public Domain MARS Implementation Source Code
Date: Wed, 04 Apr 2001 01:56:09 GMT
"Roger Schlafly" <[EMAIL PROTECTED]> wrote in message
news:S3vy6.102$[EMAIL PROTECTED]...
> "Gregory G Rose" <[EMAIL PROTECTED]> wrote in message
> news:9adp0d$[EMAIL PROTECTED]...
> > In article <jP6y6.1128$[EMAIL PROTECTED]>,
> > Nathan J. Yoder <[EMAIL PROTECTED]> wrote:
> > > This may sound like a trivial/stupid question, but I am looking for
> an
> > >implementation of MARS that has been released in the public domain. I
> have
> > This is a pretty meaningless concept, given that
> > MARS is patented by IBM. No matter who wrote the
> > code, it can never be considered public domain.
> > Royalty free, maybe (or maybe not... I thought
> > they only promised royalty free if it won), but
> > that isn't the same thing at all.
>
> What's the difference? IBM has made Mars royalty-free whether it wins
> or not. An implementation is public domain if there are no claims against
> it.
>
>
>
Better question: Why use MARS when other simpler, faster more secure
ciphers exist?
Tom
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
