Cryptography-Digest Digest #73, Volume #14 Wed, 4 Apr 01 03:13:01 EDT
Contents:
Re: Data dependent arcfour via sbox feedback (Terry Ritter)
Re: patent this and patent that (Terry Ritter)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: Data dependent arcfour via sbox feedback
Date: Wed, 04 Apr 2001 06:17:48 GMT
On Wed, 04 Apr 2001 02:08:58 +0200, in
<[EMAIL PROTECTED]>, in sci.crypt Mok-Kong Shen
<[EMAIL PROTECTED]> wrote:
>Terry Ritter wrote:
>>
>> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
>>
>> >John Savard wrote:
>> >>
>> >> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
>> >>
>> >> >Further, as I pointed out in another follow-up, many
>> >> >schemes in Chap. 16 and 17 of Schneier's AC combine two
>> >> >or more pseudo-random streams, i.e. two (or more) confusion
>> >> >sources, to produce a stream that is presumably stronger.
>> >> >i.e. a more-complex confusion result. Are these not in
>> >> >clear and unambiguious conflict with the patent?
>> >>
>> >> Dynamic Substitution is a _particular way_ of combining two streams.
>> >> XORing them together does not conflict with his patent.
>> >
>> >It is to be noted that xor is also a substitution and,
>> >if one utilizes feed back, then the substituion is
>> >'dynamic'.
>>
>> I doubt I would describe that as "dynamic," but in any case it is not
>> Dynamic Substitution as formally described in the patent. Just
>> because the title of the patent is: "Dynamic Substitution Combiner and
>> Extractor," does not mean that it covers any possible thing which is
>> "dynamic" and also some form of "substitution." The coverage is
>> described in the claims, not the title.
>>
>> You are going out of your way to deliberately misrepresent the patent.
>> Your claims about what it says do not make it say that. Like everyone
>> else, you have the opportunity to read the patent and to learn how to
>> interpret patent claims, if that is what you want to do. But since
>> you continue to misrepresent what is there, it seems that what you
>> really want to do is to whine, whine, whine about the unfairness of it
>> all, rather then acquiring the background necessary for understanding.
>
>My worry stems on the one hand from your claims of general
>coverage in previous posts and on the other hand from
>a diagram on you web page, which in my view seems to cover a
>quite general feedback scheme.
Which diagram, on what page?
>That's why I wanted to know
>explicitly whether using feedback as such is or is not
>violating your patent. Incidentally, feedback is a mechanism
>that has interested me for some time. (A couple of my humble
>crypto designs employ feedback.)
Well, feedback has long been a very basic part of hardware circuit
design (analog, or "linear" design). Most Op Amp (operational
amplifier) circuits use extensive negative feedback, often to make the
gain effectively independent of the active device, and to reduce
distortion. Most oscillator circuits use some form of positive
feedback to replace any loss in the frequency-selective section.
There is also a concept of "feedforward," often used to cancel
distortion without using feedback. Feedback is fairly old (70
years?), very common stuff, and very often treated in the technical
literature.
With respect to cryptographic feedback, autokey stream ciphers are
also quite old. The PK-Zip cipher (from a decade ago?) is a modern
example. I don't think we can draw a useful feedback analogy to
Dynamic Substitution per se, although the inverse process (the
extractor) might be more like it. There is no intent in the Dynamic
Substitution patent to control feedback per se.
I cannot even imagine trying to get a general patent on feedback now,
because it is a widely-understood part of technology; there is massive
prior art. But even now, there might be particular ways to control or
use feedback which might be patentable.
>> All of our legal systems have problems. But the patent system at
>> least puts the force of law in the hands of even tiny companies. In
>> open competition in a free market, the big guys normally win. I think
>> there is something to be said for an alternative, even if not ideal in
>> many ways.
>>
>> In particular, I think the US government should undertake to prosecute
>> every granted US patent in foreign countries so that the same
>> limitations will apply across the global marketplace. I also think
>> the US government should have a department to help enforce the patent
>> grant. As I see it, the main problem with patents is not that they
>> are too strong and intrusive, but that they are not strong enough.
>
>Oh yes, it could certainly impose its laws onto foreign
>countries and do the said 'prosecutions' through the help of
>its mighty military forces. The day of the scenario you
>described may in fact be nigh. Who knows the future for sure?
I did not say "impose its law," I said "prosecute . . . in foreign
countries"; that would be in their PTO, or the EPO. One problem for
the US is that when inventors choose to only patent in the US, only US
industry is controlled by the patent, which then may not be able to
compete worldwide. It is hard to compete with companies who do not
have to pay for the research which resulted in the product.
>> >As I noted elsewhere, any block cipher is
>> >substitution (of the block) and that CBC etc. introduces
>> >'dynamics' in them, there being feedback.
>>
>> Oddly, just because you have "noted" something does not make it
>> correct. That handwave description -- using a block cipher as a
>> "substitution" -- is not Dynamic Substitution as defined in the
>> patent.
>>
>> >Further, a
>> >classical polyalphabetical substitution effects a
>> >combination of the key stream and the plaintext stream.
>> >If one employs auto-key with such substitution one again
>> >has 'dynamics'.
>>
>> The specific aspect of "dynamic" in Dynamic Substitution is the
>> permutation of values within a table. The table thus "changes," and
>> is in that sense "dynamic." Selecting a different table might be
>> "dynamic" in your personal language and your particular usage, but
>> that does not make it correspond to the coverage of the patent. The
>> title of the patent is not the coverage; to understand the coverage,
>> one must deal with the claims.
>
>On the other hand, in another post you seemed to claim that
>generation of a very large table statically for later use
>(through choice of columns analogoug to selection with key
>in polyalphabetic substitution) would be considered as in
>conflict with your patent, even though there is no dynamic
>creation of table. This point is non-trivial as far as the
>coverage goes and it is important to have a clarification of
>that.
There have been many points in the past few days. The best match for
this that I recall was that if someone wanted to get around the
Dynamic Substitution patent by saying they did not have "a
substitution table" and then produced some sort of logic structure --
one element at a time -- which in effect *was* a table, we should
expect that to infringe as well. It is not that easy to get around a
patent.
I don't understand your point about "generation of a very large static
table," since the Dynamic Substitution issue is not about size
(although it must be small enough to be realized). The whole point of
Dynamic Substitution is to re-arrange the contents of the table. That
is not done in polyalphabetic substitution, which I believe I gave as
prior art in the patent itself. In general, if the contents of the
tahle are not re-arranged, it is not Dynamic Substitution.
>> >Anyway, the extremely general formualtion
>> >in the patent of combining two streams to generate a more
>> >complicated stream has certainly at least the problem of
>> >confounding the readers.
>>
>> All patents confound readers at the beginning. They are extremely
>> detailed and the arcane language has specialized meaning derived from
>> patent law. Often there is a general understanding which can avoid
>> the technical language of patent law, but generally one must have some
>> background to understand the limits. Some readers move on to accept
>> the law as a basis for understanding what is going on. Some don't,
>> and then just complain, complain, complain.
>>
>> >If the patent specifies a very
>> >particular encryption that is really new, then there is
>> >nothing against the patenting. But then the formulation
>> >of the patent should also be correspondingly special and
>> >not use such general terms as we have seen in previous
>> >posts.
>>
>> Alas, your interpretation of what should or should not be appropriate
>> for the US patent system does not correspond to reality. It is
>> probably silly for any small company to patent a detailed cipher,
>> because in that case, small changes in the design will avoid the
>> patent. The whole point of a patent is to create a limited-term
>> monopoly that cannot be avoided if one wishes to use the advance which
>> was disclosed. This supports the profit to repay the development
>> effort, profit to encourage new effort, and helps to protect the new
>> idea until it becomes established in the marketplace. And profit, of
>> course, is just business as usual.
>
>I don't have problems with the purposes of the patent laws,
>nor with copyright. I think that they both have merits in
>principle. Inventors should be rewarded. What worries me is
>the 'practice' of having very general claims in the patent
>documents, which, even if these are actually largely
>restricted by (eventually present) other clauses of the same
>documents, may cause undesirable confusions to other
>practioners or potential inventors, mistakingly thinking
>that all what they intend to do falls already in the domain
>of these general claims. That I think would be very bad.
The only solution I can offer is the same one you have been
essentially calling unfair, and that is to learn about patents,
claims, and patent law. What other solution could there possibly be?
Not everybody learns in school every skill they need in real life. I
think technical people should know how to read a patent, and how to
interpret claims, and thus exhibit less of a tizzy when they are
confronted with such a monster. If someone considers patents
important enough to potentially disturb their work, they may need
patent skills just to do their work.
>> >Note that the patent holder doesn't seem to be
>> >considering that his patent is about a very special scheme
>> >at all.
>>
>> All we need to note whether Dynamic Substitution is "special" is to
>> count how many alternatives there are to building nonlinear dynamic
>> combiners.
>>
>> So if you can be happy with something else, use it. But if you want a
>> nonlinear dynamic combiner -- especially a reversible combiner --
>> there is ample indication that my work is fairly "special."
>
>I am not sure whether the term nonlinear combiner couldn't be
>'interpreted' to encompass e.g. modular multiplication of two
>entities, use of F-functions of DES, rotation of one entity
>with modular addition of another, and use of a nonlinear PRNG
>to process a bit stream. These are however in my view all prior
>art.
All of which is fine with me. Dynamic Substition is the *name* of the
patent; it does *not* imply that anything which is "dynamic" and which
includes some form of "substitution" is covered.
Dynamic Substitution is just shorthand for the claims. You seem to
find this misleading for some reason, but the precise alternative
would be to call it by the full claim description, and avoiding that
horror is the reason we have names.
>> >In fact in a number of his posts he claimed that
>> >the patent has rather general coverage.
>>
>> The patent says what it says. It stands on its own and doesn't need
>> me to interpret it for you -- assuming you have the background to
>> interpret it for yourself.
>>
>> There is a good reason a patent can be general, and that reason is
>> that it covers completely new art, and thus does not have prior art
>> which must be avoided. This is patenting as it is supposed to be: the
>> public disclosure -- and protection -- of completely new work.
>
>If something is completely new, it could hardly be 'general',
>but, in contrary, singular/special/particular.
That sounds odd to me. It is the new work which has little prior art,
which thus imposes few limitations on a new patent.
>> >That's the problem.
>>
>> The problem? Really? But since you live outside the US, you can just
>> steal my published ideas and even use them in your products -- as long
>> as you don't ship product to the US. So how is any of this a
>> "problem" for you? And if not for you, then who?
>
>I don't have any personal plans to earn money in any field.
>There is hence no personal 'problem' for me at all. Others
>have raised though the point that the good intended purposes
>of patent laws would be undermined, if the practice of granting
>patents is improper, allowing persons to get patents without
>actual novelty or with much more coverage than the underlying
>ideas deserve. I guess that many people in this group have
>a common (and unfavourable) opinion about e.g. Hitachi's
>rotation patents.
I have long thought you were making far too much of the Hitachi
claims. Haven't there been several messages on sci.crypt, each with a
pretty good technical analysis, which told you that this was not the
problem you claimed? Did you not read those? Did you forget them?
How many times must you be told before you will accept reality? From
what dark recesses does this strange fear continue to re-emerge and
infest all the newbies with this baseless dark foreboding?
---
Terry Ritter [EMAIL PROTECTED] http://www.io.com/~ritter/
Crypto Glossary http://www.io.com/~ritter/GLOSSARY.HTM
------------------------------
From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: patent this and patent that
Date: Wed, 04 Apr 2001 06:22:15 GMT
On 3 Apr 2001 19:57:20 -0600, in <9adv20$3rb$[EMAIL PROTECTED]>,
in sci.crypt [EMAIL PROTECTED] (Vernon Schryver) wrote:
>In article <[EMAIL PROTECTED]>, Terry Ritter <[EMAIL PROTECTED]> wrote:
>
>> ...
>>Please. Adding? XOR? Patented? I don't think so....
>
>How can someone who is neither uniformed nor short of intellectual
>honesty make such a statement?
Because it does not apply. None of this applies to someone working on
their own for their own research or even use -- provided they don't
make a public issue of it. As far as I know, US patents don't apply
to someone in Canada. And the XOR patent (whatever that really was),
is long gone.
>Recall the infamous XOR cursor patent. (What was its number? Asking
>http://www.delphion.com/ for "cursor, xor" produces wonderful items
>including some that would have been old news to me if I'd heard of
>them 10 years before they were filed. but I don't or recognize see
>the infamous XOR cursor among them.)
I've never studied the XOR patent. But there have been several
postings to sci.crypt which stated that the actual patent was not what
it is generally claimed to be, but was instead a fairly clever
approach at the time.
In any case, that time is long gone. And this sort of thing is to be
expected as the literature in any new technology catches up and we
finally get a good body of prior art.
>Then consider these wonderful examples of the patent filer's art:
> http://www.delphion.com/details?&pn=US06025810__
> http://www.delphion.com/details?&pn=US05443036__
> http://www.delphion.com/details?&pn=US05446889__
> http://www.delphion.com/details?&pn=US06073150__
I haven't considered any of them. Even if every one is horrendous,
you are mentioning 5 patents -- out of 6,000,000.
Patents are complex legal documents constructed by humans, granted by
humans, and administered by humans. Of course there are going to be
problems. Legal systems are inherently inconsistent. Do you really
imagine that we should not be overjoyed by any legal ownership process
which has problems in only 1 in a million cases? Wouldn't life be
nice if everything was perfect?
In reality, I expect there are lots more examples of patent problems.
But, in general, the system creaks along, despite having what I think
is our major government example of an "old-world-style bureaucracy."
>Other great examples include the Motorola-Codex patent on TCP/IP
>header compression whose only problem was that it was filed after
>that stuff was already shipping,
Unless things have changed recently, as far as I know it is perfectly
reasonable to file for US patent up to a year after implementations
are shipped.
>or the other Motorola-Codex patent
>that essentially patents x.25 only 20+ years too late.
Well, "essentially" is the problem. To know what a patent really is,
one has to examine the actual claims in detail. It is very
appropriate to take prior art, modify it, and then patent the modified
scheme. Patenting individual ciphers is sort of like that.
>I wonder how many patents are as bad as those or the various "blocking"
>patents seen in the 19th Century history of firearms and the late 20th
>Century history of ink jet printers.
The whole point of the ideal patent document is to construct a
limited-term monopoly. Unless a patent is a monopoly, it does not
force someone to license it. When a patent can be "engineered
around," some people are not paying for the research which lead to the
patent.
>It would be interesting if a
>disinterested party could survey patents to see how many are silly
>variations of paper clips and how many are real inventions.
That sounds like the problem of "who will watch the watchers": Who
decides what a "real invention" is?
Normally, assuming basic requirements are met, the PTO just grants the
patent. If the patented thing is useless (i.e., not "a real
invention"), the patent is just worthless, and does not affect
anybody. In this way the PTO "prints money," and in fact sends money
to the treasury; as far as I know, the PTO is still a profit-making
government institution. (!!!)
It seems to me that it is mainly the patents which *are* "real
inventions" that cause trouble, and those would all get through.
>It would
>require someone without the technical phobia and ignorance of typical
>judges and juries. It also could not one of those with vested interests
>in continuing and expanding the current system, such as "intellectual
>property professionals." It would also require a real masochist, since
>anyone with enough technical education to hope to judge patents can earn
>far more and have far more fun with a lot less pain than in such a project.
>Besides, such a project would be futile because there is not the slightest
>hope that the patent mess will be other than made worse by the lawyers
>including the courts and Congress. They are compelled to extend their
>sphere of control over any parts of society that show signs of working
>well without their attentions.
Do you mean to say that you do not experience some relish in the
knowledge that most of society now depends upon the software and
computers under the "sphere of control" of people like you? And are
you not eager to "extend" that sphere in your own work? Do you
imagine that people who are elected to write laws should not be eager
to fulfill their role and thus write more laws?
Personally, I'd like to see laws include an "Desired Effects" clause,
so that if a law does not achieve the desired effect, it would be
quickly scheduled for change or removal. That might expose a lot of
problems, and *that* might get lawmakers into the computer modeling of
human social systems, which could be interesting.
---
Terry Ritter [EMAIL PROTECTED] http://www.io.com/~ritter/
Crypto Glossary http://www.io.com/~ritter/GLOSSARY.HTM
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
