Cryptography-Digest Digest #649, Volume #12 Sun, 10 Sep 00 19:13:01 EDT
Contents:
Re: RSA Patent -- Were they entitled to it? (John Savard)
Re: RSA Patent -- Were they entitled to it? ("Paul Pires")
Re: Scottu19 Broken (Tom St Denis)
Re: Scottu19 Broken (Tom St Denis)
Re: Intel's 1.13 MHZ chip (John Savard)
Re: Scottu19 Broken (John Savard)
Re: Camellia, a competitor of AES ? (Mok-Kong Shen)
Re: Scottu19 Broken (Mok-Kong Shen)
Re: Camellia, a competitor of AES ? ([EMAIL PROTECTED])
Re: RSA Patent -- Were they entitled to it? (Mok-Kong Shen)
Re: Losing AES Candidates Could Be a Good Bet? (Mok-Kong Shen)
CRC's as MAC's (Dido Sevilla)
Re: RSA Patent -- Were they entitled to it? (Bill Unruh)
Re: RSA Patent -- Were they entitled to it? (Bill Unruh)
Re: Scottu19 Broken (Mok-Kong Shen)
Re: RSA Patent -- Were they entitled to it? ("Paul Pires")
Re: RSA Patent -- Were they entitled to it? (Mok-Kong Shen)
Re: Camellia, a competitor of AES ? (Mok-Kong Shen)
Re: OutLook Express & SMIME (Paul Rubin)
Re: Camellia, a competitor of AES ? ([EMAIL PROTECTED])
Re: RSA Patent -- Were they entitled to it? ("Paul Pires")
Re: RSA Patent -- Were they entitled to it? (Terry Ritter)
R: PRNG ("Cristiano")
Re: IDEA - PGP (David Crick)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Sun, 10 Sep 2000 20:57:21 GMT
On Sun, 10 Sep 2000 00:28:14 GMT, "Aztech" <[EMAIL PROTECTED]> wrote, in
part:
>Also, you have to ask if RSA were actually entitled to this patent because
>they weren't the first to discover public key cryto!
Well, the whole intent of the patent system is to reward people who
make their discoveries public.
Perhaps the British government had the option of speaking up, but that
would have gotten into a very thorny area of patent law: had someone
in the NSA discovered it, and had this resulted in a secret patent or
something like that, things would have been simpler.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Sun, 10 Sep 2000 14:09:51 -0700
Mok-Kong Shen <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Paul Pires wrote:
> >
> > Terry Ritter <[EMAIL PROTECTED]> wrote:
>
> > > As far as I know, secret work simply does not invalidate a later
> > > patent by someone else on that same invention.
> >
> > It is stronger than this. Keeping it secret without moving towards
> > a patent can loose one the right to patent while not affecting others
> > as prior art. It is actively punished.
> >
> > This is as it should be. An exchange of monopoly for work and
> > investment. Someone who tries to achive the result without making
> > the exchange (disclosure) should be barred from the process.
>
> I suppose that a patent law must conform to some commonsense
> logic. A secret 'prior work' certainly cannot count, for
> else somebody can always fake documents and with these claim
> 'prior work' even though he hasn't done anything that is
> 'prior'. (I could add into my old diary of 1990 anything
> I want, don't I?) Further, one of the purposes of granting
> a patent is to render the knowledge contained in the patent
> available to the public. Keeping knowledge secret runs
> against the purpose of patents and thus cannot not be
> supported by patent laws.
That's how I understand it anyway. It is meant to be an incentive
and not a gift. Even when the concept of "first to invent" had
meaning, there were critical requirements. "Reduction to practice"
Unfortunately, just the act of drafting a patent is considered as such.
If a demonstration that the proposed system has actually been built,
tested and refined were required, the most eggregious abuse (submarine
patents) could be reduced.
Paul
>
> M. K. Shen
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Scottu19 Broken
Date: Sun, 10 Sep 2000 21:14:45 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (John Savard) wrote:
> On Sun, 10 Sep 2000 05:27:43 -0400, "Douglas A. Gwyn"
> <[EMAIL PROTECTED]> wrote, in part:
> >/dev/null wrote:
> >> > [EMAIL PROTECTED] babbles:
>
> >> > Oh now I have to give reasons? Nah. NSA likes breaking all
crypto
> >> > espescially from fanatics.
>
> >> What do you know of them? It is their job. If they do break
something
> >> it is very unlikely you or anyone else outside the agency will
know.
>
> >Actually they don't have resources to waste on attacking
> >amateur ciphers that aren't involved in traffic of interest.
> >When new ideas turn up, some research might be done to
> >investigate them, for several reasons including being able
> >to handle new systems based on them should they arise.
>
> I'm quite sure that you are correct, and the fellow who posted that
> the NSA had broken Scott19u (not only did he say it was broken, he
> didn't even spell its name right!) was just joking.
Since when did I need proof to assume the NSA can break all weak crypto
beginning with S?
Hehehe... I am just trying to point out how bothersome his posts are.
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Scottu19 Broken
Date: Sun, 10 Sep 2000 21:12:09 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> Tom St Denis <[EMAIL PROTECTED]> wrote:
> : [EMAIL PROTECTED] wrote:
> :> [EMAIL PROTECTED] wrote:
>
> :> : I heard that the NSA broke Scottu19, is that true?
> :>
> :> Is http://www.deja.com/threadmsg_ct.xp?AN=666637659 the source of
your
> :> information? The only other mention recently here appears to be
> :> http://x60.deja.com/threadmsg_ct.xp?AN=666850697.1
>
> : Both posters are in fact me. [...]
>
> You mean you post under "John Myre <jmyre[at]sandia.gov>" sometimes,
> signing yourself as "JM"?
No, I was 'phreakerboy'. The password is 'goofus' in deja.com if you
want the account :)
I guess I made my point if you read his reply to your last post to
this. He got very mad and angry at me because I spoke out of turn.
Simply I acted like he does and he didn't appreciate it.
OH well, this is not alt.civics, if he wants to be like that all the
power to him.
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Intel's 1.13 MHZ chip
Date: Sun, 10 Sep 2000 21:25:45 GMT
On Sun, 10 Sep 2000 13:05:00 +0200, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote, in part:
>"S. T. L." wrote:
>> What's funny is that not even 8086s are as slow as 1.13 MHz. :->
>It is indeed funny that several people ignore my errata and
>continue go generate lots of noise. Maybe they couldn't
>read.
Myself, I would have been content to just ignore the error. Intel's
1.13 whatever chip has been recalled. I didn't even know they had a 1
GHz chip out just yet. So I found that to be interesting news.
The original 8088 was 4.77 MHz, but there were 1 MHz versions of the
8080 and 6800, if I'm not mistaken.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Scottu19 Broken
Date: Sun, 10 Sep 2000 21:34:39 GMT
On Sun, 10 Sep 2000 10:52:42 GMT, Tim Tyler <[EMAIL PROTECTED]> wrote, in
part:
>[EMAIL PROTECTED] wrote:
>: I heard that the NSA broke Scottu19, is that true?
>Is http://www.deja.com/threadmsg_ct.xp?AN=666637659 the source of your
>information? The only other mention recently here appears to be
>http://x60.deja.com/threadmsg_ct.xp?AN=666850697.1
You mean he didn't just make that up? (Although those posts hardly
supply any real evidence, so I think I can stand behind my assumption
that he was just joking.)
Looking up the thread, I see I missed a post by David A. Scott. I will
have to admit to him since, except for a BASIC-language version of
Quadibloc S to generate some test vectors, I haven't implemented any
of my designs, there probably _are_ more people using his ciphers than
mine.
While being polite and careful in what one says is helpful in being
taken seriously, I freely admit that making the effort of writing code
to make things easy for other people is important too.
This in no way negates the _original_ intent behind the first
Quadibloc cipher - to show that it is possible, at the cost of some
loss of efficiency, to design a block cipher so that it is much easier
to write a program to implement it than to write one implementing DES,
and therefore that the description of a block cipher is almost as
"dangerous" as code implementing it, and therefore that the
previously-existing export restrictions faced by U.S. residents and
citizens were not, at least for some purposes, as big a deal as
claimed.
Also, there are plenty of implementations of block ciphers out there,
but I think my web site is worth my efforts, even if there are also
other cryptography web sites out there.
And, of course, Mr. Scott is welcome to come up with a cryptanalysis
of Quadibloc VIII if he wishes.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Camellia, a competitor of AES ?
Date: Sun, 10 Sep 2000 23:43:48 +0200
Hideo Shimizu wrote:
>
[snip]
> I have read this information from Japanese newspaper or magazines.
> I do not know relationship among above projects. However, I guess
> more algorithms.
I suggest that you convey, if possible, to your national
standardization body (which submits the Japanese algorithms
to ISO) the general users' wish that the algorithms be free
of patent issues. Thanks.
M. K. Shen
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Scottu19 Broken
Date: Sun, 10 Sep 2000 23:44:06 +0200
John Savard wrote:
>
> I doubt very much that the NSA has some super computer (not to be
> confused with a supercomputer; of course they have plenty of _those_)
> into which they just need to type the description of any new algorithm
> that comes along, and it will figure out how to break it for them. (If
> they had, they would need fewer mathematicians on their staff!)
It is conceivable, however, that a lead in AI techniques
could help a bit to minimize human resources.
M. K. Shen
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Camellia, a competitor of AES ?
Date: Sun, 10 Sep 2000 21:42:27 GMT
Hideo Shimizu <[EMAIL PROTECTED]> wrote:
> 1) ISO entry
> Now, ISO standarize some cryptographic algorithms (block cipher, stream
> cipher, public-key cipher). Japanese national body will entry this project.
> Camellia is one of the five block ciphers.
The ISO has "registered" block ciphers for a while, choosing not to
standardise any of them. For example, B-CRYPT, IDEA, and LUC are all
"ISO/IEC 9979 Registered" but none are a standard. Since there are
absolutely no requirments for registration, execept for it being
submitted by a national body, I'm not really sure I see the point.
Personally, I think the ISO should probably follow NIST and declare
the AES winner a standard.
--
Matt Gauthier <[EMAIL PROTECTED]>
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Mon, 11 Sep 2000 00:06:35 +0200
Roger Schlafly wrote:
>
[snip]
> When patent folks talk about "prior art", they are usually talking about
> knocking out a patent with 102(b). That is how it is usually done. But
> 102(a) can also invalidate a patent. You just have to prove that
> the invention was known or used by others in the US. So in the case
> of RSA, you'd have to prove that GCHQ told NSA about it. (Possible --
> the head of the NSA once bragged that they already knew about public
> key crypto.)
But anybody can (falsely) claim that he already knew something
at some prior time point. That can't be a valid 'proof'. Or
do I miss something?
M. K. Shen
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Losing AES Candidates Could Be a Good Bet?
Date: Mon, 11 Sep 2000 00:06:46 +0200
"Douglas A. Gwyn" wrote:
>
> Chris Rutter wrote:
> > I thus assume that the NSA probably has little interest either way
> > in whether it can or cannot break AES.
>
> I don't speak for them, but I am sure they are quite interested
> in that matter, for numerous reasons including that it could be
> used by targets of interest to the Agency.
It is conceivable that Russia will put out something parallel
to AES, just as they have made GOST as a counterpart of DES.
M. K. Shen
------------------------------
From: Dido Sevilla <[EMAIL PROTECTED]>
Subject: CRC's as MAC's
Date: Mon, 11 Sep 2000 05:54:50 +0800
I've been shopping for a MAC algorithm these days and have not been
fortunate enough to find an algorithm that provides reasonable defense
against forgery and modification detection while not being an
unreasonable algorithm to implement on a low-powered embedded
microcontroller. All the well-known ones are too expensive.
The best idea I've been able to find so far is the use of a CRC
algorithm. The MAC would essentially be a 128-bit CRC, encrypted with a
block cipher, which provides our keying. We'd have a set of polynomials
to be used for the CRC, say a set of sixteen 128-bit polynomials which
are randomly selected along with a 128-bit block cipher key. We use the
polynomials to calculate a CRC on the data, and the CRC is encrypted by
the block cipher.
Questions: does this make a good MAC, regardless of what polynomials I
choose, or to put it differently, are there sets of polynomials
available that if used produce a good MAC? Assuming I have a good block
cipher. I don't have any references on the theory of CRC's so I have no
clue as to how to answer this question. References on CRC theory,
especially on how to select polynomials, are much appreciated, most
especially if they're online references...
--
Rafael R. Sevilla <[EMAIL PROTECTED]> +63 (2) 4342217
ICSM-F Development Team, UP Diliman +63 (917) 4458925
PGP Key available at http://home.pacific.net.ph/~dido/dido.pgp
------------------------------
From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: RSA Patent -- Were they entitled to it?
Date: 10 Sep 2000 22:04:29 GMT
In <[EMAIL PROTECTED]> Mok-Kong Shen <[EMAIL PROTECTED]> writes:
]I suppose that a patent law must conform to some commonsense
]logic. A secret 'prior work' certainly cannot count, for
]else somebody can always fake documents and with these claim
]'prior work' even though he hasn't done anything that is
]'prior'. (I could add into my old diary of 1990 anything
]I want, don't I?) Further, one of the purposes of granting
Well, no. One of the things the courts look at in these priority claims
is precisely the possiblity that one of the people cheated. The proof of
first invention is fairly stringent.
]a patent is to render the knowledge contained in the patent
]available to the public. Keeping knowledge secret runs
]against the purpose of patents and thus cannot not be
]supported by patent laws.
The question here is where the invention's publication was suppressed by
national security issues. Ie, had NSA invented RSA, been unable to
patent it due to national security rulings, then when it came out in
public, would they be able to invalidate that public patent by the prior
secret invention? After all this is apparently what happened with RSA
where youreplace NSA with GCHQ.
------------------------------
From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: RSA Patent -- Were they entitled to it?
Date: 10 Sep 2000 22:08:52 GMT
In <[EMAIL PROTECTED]> Mok-Kong Shen <[EMAIL PROTECTED]> writes:
>But anybody can (falsely) claim that he already knew something
>at some prior time point. That can't be a valid 'proof'. Or
>do I miss something?
Sure it can. The law deals with stuff like this all the time. People
falsely claim that they did not commit the murder, yet they get
convicted. The courts do not simply take everyone at their word.
You would need to prove that you actually did know it at that earlier
time with more than just your word. The word of witnesses to whom you
told it. Notarized notebooks, etc.
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Scottu19 Broken
Date: Mon, 11 Sep 2000 00:28:06 +0200
John Savard wrote:
>
[snip]
> This in no way negates the _original_ intent behind the first
> Quadibloc cipher - to show that it is possible, at the cost of some
> loss of efficiency, to design a block cipher so that it is much easier
> to write a program to implement it than to write one implementing DES,
> and therefore that the description of a block cipher is almost as
> "dangerous" as code implementing it, and therefore that the
> previously-existing export restrictions faced by U.S. residents and
> citizens were not, at least for some purposes, as big a deal as
> claimed.
The biggest threat to a dictatorship country and paradoxically
also to a (presumably) democratic country is that the people gain
knowledge, become wise and thus are able to think about matters
that could be inconvenient to the government. Export regulations
and crypto clauses of Wassenaar Arrangements are at the base
a manifestation of this ubiquitous fact.
M. K. Shen
============================
http://home.t-online.de/home/mok-kong.shen
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Sun, 10 Sep 2000 15:15:34 -0700
Bill Unruh <[EMAIL PROTECTED]> wrote in message
news:8ph0hd$c5v$[EMAIL PROTECTED]...
> In <[EMAIL PROTECTED]> Mok-Kong Shen <[EMAIL PROTECTED]>
writes:
>
> ]I suppose that a patent law must conform to some commonsense
> ]logic. A secret 'prior work' certainly cannot count, for
> ]else somebody can always fake documents and with these claim
> ]'prior work' even though he hasn't done anything that is
> ]'prior'. (I could add into my old diary of 1990 anything
> ]I want, don't I?) Further, one of the purposes of granting
>
> Well, no. One of the things the courts look at in these priority claims
> is precisely the possiblity that one of the people cheated. The proof of
> first invention is fairly stringent.
>
> ]a patent is to render the knowledge contained in the patent
> ]available to the public. Keeping knowledge secret runs
> ]against the purpose of patents and thus cannot not be
> ]supported by patent laws.
>
> The question here is where the invention's publication was suppressed by
> national security issues. Ie, had NSA invented RSA, been unable to
> patent it due to national security rulings, then when it came out in
> public, would they be able to invalidate that public patent by the prior
> secret invention? After all this is apparently what happened with RSA
> where youreplace NSA with GCHQ.
Good question. As I understand it, a security order doesn't steal away
your patent rights, it just defers them for a period of time and extends
the patent term to compensate. What happens if a later patent gets
granted on similar material frozen by a security order? (This could
happen through error or foreign priority filing in the US not covered
by the security order) Any way you resolve it, someone gets screwed.
Paul
Paul
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Mon, 11 Sep 2000 00:40:09 +0200
Bill Unruh wrote:
>
> The question here is where the invention's publication was suppressed by
> national security issues. Ie, had NSA invented RSA, been unable to
> patent it due to national security rulings, then when it came out in
> public, would they be able to invalidate that public patent by the prior
> secret invention? After all this is apparently what happened with RSA
> where youreplace NSA with GCHQ.
I don't know. But I could imagine the case that the US patent
office grant a patent (with a patent number) to NSA, if it
invented RSA, but does not publish the document based on
national security grounds. On the other hand, this evidently
could not be done by GCHQ which is foreign to US.
M. K. Shen
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Camellia, a competitor of AES ?
Date: Mon, 11 Sep 2000 00:45:43 +0200
[EMAIL PROTECTED] wrote:
>
> The ISO has "registered" block ciphers for a while, choosing not to
> standardise any of them. For example, B-CRYPT, IDEA, and LUC are all
> "ISO/IEC 9979 Registered" but none are a standard. Since there are
> absolutely no requirments for registration, execept for it being
> submitted by a national body, I'm not really sure I see the point.
>
> Personally, I think the ISO should probably follow NIST and declare
> the AES winner a standard.
Why do you think that ISO should give priority to AES over
any other ciphers?
M. K. Shen
------------------------------
Subject: Re: OutLook Express & SMIME
From: Paul Rubin <[EMAIL PROTECTED]>
Date: 10 Sep 2000 15:35:07 -0700
"Michael Scott" <[EMAIL PROTECTED]> writes:
> I am experimenting with SMIME and have got myself a free certificate from
> Thwaite. This all works fine.
>
> My question is this. Where is my private key stored? Presumably it is stored
> somewhere for OutLook Express to use to sign my emails (and decrypt any
> encrypted emails I receive) but where? I also presume that it is stored "in
> the clear", as I am not asked for any passphrase.
>
> Mike Scott
See http://www.cs.auckland.ac.nz/~pgut001/pubs/breakms.txt.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Camellia, a competitor of AES ?
Date: Sun, 10 Sep 2000 22:39:23 GMT
Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> Why do you think that ISO should give priority to AES over
> any other ciphers?
1. Because the US has, by far, the largest online economy. If the ISO
simply ignored the existing US standard, we'd have the reverse
situation to digital signatures. (Where the US standard is DSA, and
the ISO standard RSA).
2. Because, overall, AES canidates have received _much_ more analysis
than any other canidtaes.
3. Because it's unlikely, in my opinion, that anything superior would
suddenly crop up if submissions were solicited world wide.
--
Matt Gauthier <[EMAIL PROTECTED]>
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Sun, 10 Sep 2000 15:40:32 -0700
Mok-Kong Shen <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Bill Unruh wrote:
> >
>
> > The question here is where the invention's publication was suppressed by
> > national security issues. Ie, had NSA invented RSA, been unable to
> > patent it due to national security rulings, then when it came out in
> > public, would they be able to invalidate that public patent by the prior
> > secret invention? After all this is apparently what happened with RSA
> > where youreplace NSA with GCHQ.
>
> I don't know. But I could imagine the case that the US patent
> office grant a patent (with a patent number) to NSA, if it
> invented RSA, but does not publish the document based on
> national security grounds. On the other hand, this evidently
> could not be done by GCHQ which is foreign to US.
Think of it this way. A foriegn security order has no force here.
Sure, allies can get around it by a little mutual back scratching
but that is definately an "end run" i.e. not using the proceedure
as defined or intended. In the case of a security order, I have
been told by my patent attourney that the material is frozen and
set aside for later action, not granted and withheld. Although
there is a way that that can happen in some rare cases.
I read somewhere that in rare cases where the requirement
to teach compromises other trade secret information that the
patent can be granted and held secret. I'm not real confident
about that one, I might not have got it right.
Paul
Paul
>
> M. K. Shen
------------------------------
From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Sun, 10 Sep 2000 22:49:58 GMT
On Sun, 10 Sep 2000 14:06:11 -0700, in
<[EMAIL PROTECTED]>, in sci.crypt Roger Schlafly
<[EMAIL PROTECTED]> wrote:
>Terry Ritter wrote:
>> As far as I know, secret work simply does not invalidate a later
>> patent by someone else on that same invention.
>
>It is rare for that to happen, but technically the secret work
>can invalidate a later patent.
>
>Sec. 102. Conditions for patentability; novelty and loss of right to
>patent
>A person shall be entitled to a patent unless -
> (a) the invention was known or used by others in this country, or
>patented or described in a printed publication in this or a foreign
>country, before the invention thereof by the applicant for patent, or
> (b) the invention was patented or described in a printed publication
>in this or a foreign country or in public use or on sale in this
>country, more than one year prior to the date of the application for
>patent in the United States, or ...
>http://www4.law.cornell.edu/uscode/35/102.html
>
>When patent folks talk about "prior art", they are usually talking about
>knocking out a patent with 102(b). That is how it is usually done. But
>102(a) can also invalidate a patent. You just have to prove that
>the invention was known or used by others in the US. So in the case
>of RSA, you'd have to prove that GCHQ told NSA about it. (Possible --
>the head of the NSA once bragged that they already knew about public
>key crypto.)
I disagree. Not with the law, obviously, but with the implication
that telling someone *without* expectation of secrecy is the same as
telling someone *with* an expectation of secrecy, such as telling an
organization like the NSA.
In fact, having others "know" an invention occurs all the time:
Witnesses must know the invention before they can sign and establish a
legal date of invention -- do witnesses make a patent invalid?
Normally, lawyers will "know" an invention before one can even make an
application. And investors and manufacturers may "know" an invention
under terms of non-disclosure agreements. In commercial laboratories,
many people may "know" an invention before a patent is even filed, the
distinction being an expectation of secrecy from each.
In this section of law, I think the word "known" applies to an
invention "revealed without expectation of secrecy." In my view, even
if GCHQ had told NSA and NSA proceeded to implement the invention in
the US, the fact that it was kept secret would preclude the
application of 35 USC 102(b).
But I am not a patent lawyer.
---
Terry Ritter [EMAIL PROTECTED] http://www.io.com/~ritter/
Crypto Glossary http://www.io.com/~ritter/GLOSSARY.HTM
------------------------------
From: "Cristiano" <[EMAIL PROTECTED]>
Subject: R: PRNG
Date: Mon, 11 Sep 2000 00:53:17 +0200
I frequent many newsgroup, but the bad manners that I have found here are
incomparables!
You and other guys assault the people, please quiet down!
Cristiano
------------------------------
From: David Crick <[EMAIL PROTECTED]>
Subject: Re: IDEA - PGP
Date: Mon, 11 Sep 2000 00:03:58 +0100
Bill Unruh wrote:
>
> In <[EMAIL PROTECTED]> "December"
><[EMAIL PROTECTED]> writes:
>
> ]Right, my computer setup is a Commodore Amiga 1200. It is likely I am
> ]going offline soon and wish to send a friend in the US disks now and
> ]again, which will contain personal texts. I want this to be encrypted and
> ]currently the best looking method is IDEA - found in PGP.
>
> No. IDEA is an algorithm which is encumbered by patent in t
> Europe, USA and Japan. Thus for example I do not belive GPG uses IDEA.
> IDEA was what Zimmermann used in his second incarnation of PGP, however,
> so most, for compatibility, do allow you to use IDEA.
The PGP2 docs state:
The IDEA(tm) conventional block cipher used by PGP is covered by a
patent in Europe, held by ETH and a Swiss company called Ascom-Tech
AG. The US Patent number is 5,214,703, and the European patent
number is EP 0 482 154 B1. IDEA(tm) is a trademark of Ascom-Tech AG.
There is no license fee required for noncommercial use of IDEA.
Commercial users of IDEA may obtain licensing details from Dieter
Profos, Ascom Tech AG, Teleservices Section, Postfach 151, 4502
Solothurn, Switzerland, Tel +41 65 242885, Fax +41 65 235761.
Ascom-Tech AG has granted permission for the freeware version PGP to
use the IDEA cipher in non-commercial uses, everywhere. In the US
and Canada, all commercial or Government users must obtain a licensed
version from ViaCrypt, who has a license from Ascom-Tech for the IDEA
cipher.
Ascom-Tech has recently been changing its policies regarding the use
of IDEA in PGP for commercial use outside the US, and that policy
still seems to be in flux. They tell me that their current thinking
is as follows: They will allow commercial users of PGP outside the
US or Canada to use IDEA in PGP without paying royalties to
Ascom-Tech, because it is not currently possible for commercial users
to buy a licensed version of PGP outside the US or Canada. If the
legal situation in the USA changes in the future, so that users
outside the US or Canada can buy a licensed version of PGP (either
from ViaCrypt, or from me, or from a foreign enterprise licensed by
me), then Ascom-Tech will begin enforcing its patent licensing
policies on commercial users who are in a position to buy a licensed
version of PGP. To get a more up-to-date report on this, contact
Ascom-Tech AG.
--
+-------------------------------------------------------------------+
| David A. Crick <[EMAIL PROTECTED]> PGP: (SEP-2000 KEY) 0x3226F499 |
| Damon Hill Tribute Site: http://www.geocities.com/MotorCity/4236/ |
| M. Brundle Quotes: http://members.tripod.com/~vidcad/martin_b.htm |
+-------------------------------------------------------------------+
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
