Re: [cryptography] ECDSA - patent free?
On 2011-11-11 6:11 AM, coderman wrote: ... or wait for all relevant patents to expire. note that a sufficient period of time may extend beyond expiration for some safe duration of months/years. All the routinely used ECC technology is more than fifteen years old. What stops them from continuing to endless repatent the same stuff using slightly different words? ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] ECDSA - patent free?
Anyone have informed opinions on whether ECDSA is patent free? Any suggestions on EC capable crypto library that implements things without tripping over any certicom claimed optimizations? (Someone pointed out to me recently that the redhat shipped openSSL is devoid of ECC which is kind of a nuisance!) Suite B pushed use of EC you would think would increase the interest in having clarity on the EC patent situation.. Adam ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] ECDSA - patent free?
On Nov 9, 2011, at 10:22 AM, Adam Back wrote: Anyone have informed opinions on whether ECDSA is patent free? Define informed. Seriously. Do you want to hear from actual lawyers? People who have talked to lawyers? People who think they understand law? Any suggestions on EC capable crypto library that implements things without tripping over any certicom claimed optimizations? Certicom claims patents on many things, among them optimizations. They are (IMNSHO) purposely vague on what they claim. (Someone pointed out to me recently that the redhat shipped openSSL is devoid of ECC which is kind of a nuisance!) Sure is. Suite B pushed use of EC you would think would increase the interest in having clarity on the EC patent situation.. How could that clarity possibly be achieved? Again, this is a serious question. --Paul Hoffman ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] ECDSA - patent free?
On Wed, Nov 09, 2011 at 07:22:08PM +0100, Adam Back wrote: Any suggestions on EC capable crypto library that implements things without tripping over any certicom claimed optimizations? They can claim whatever they want. Since they have more money for lawyers than most open source projects, they win by default. Likely most of the commercial implementations pay their tithe, regardless of what they actually implement, for CYA purposes. (Someone pointed out to me recently that the redhat shipped openSSL is devoid of ECC which is kind of a nuisance!) They also strip IDEA, even though the patents are expired. For some reason RH legal seems especially frightened of crypto patents; it's not like dozens of features of gcc, the kernel, etc aren't covered by patents. This may partially be due the the lack of ambigiuity; for instance they probably wouldn't strip a cipher that happened to be covered by the claims of the IDEA patent that wasn't actually IDEA, but at the same time nobody would use it because it was an unstudied design. Whereas if the kernel is or is not violating a patent on RCU or linked lists or whatever is a touch more subtle and ambigious. I told them about RFC 6090 and they're 'looking into it' but I don't expect much. It's too easy to have a hard rule of 'algos X, Y, Z' are banned. Suite B pushed use of EC you would think would increase the interest in having clarity on the EC patent situation.. Cui bono? -Jack ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] ECDSA - patent free?
On Wed, Nov 9, 2011 at 1:22 PM, Adam Back a...@cypherspace.org wrote: Anyone have informed opinions on whether ECDSA is patent free? ECDSA is part of BIST's Digital Signature Standard. A royalty free license is a requisite. Any suggestions on EC capable crypto library that implements things without tripping over any certicom claimed optimizations? Daniel J. Bernstein thinks most ECC related patents are irrelevant. Otherwise, license from Certicom or RSA Data Securities. The best I can tell, if the patents are valid, then RSA Data Securities is infringing. License from RSA Data Securities and let them slug it out with Certicom. (Someone pointed out to me recently that the redhat shipped openSSL is devoid of ECC which is kind of a nuisance!) RedHat is acorporation with money. If you are not a corporation or don't have money, then don't worry about it. You can't get water form a rock. Suite B pushed use of EC you would think would increase the interest in having clarity on the EC patent situation.. Suite B uses ECC and has a minimum security level of 128 bits. You can still achieve the security level with DH-3072 (and subgroups of 256 or greater), RSA-3072, SHA-256, etc. Jeff ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] ECDSA - patent free?
On 2011-11-10 4:53 AM, Jack Lloyd wrote: On Wed, Nov 09, 2011 at 07:22:08PM +0100, Adam Back wrote: Any suggestions on EC capable crypto library that implements things without tripping over any certicom claimed optimizations? They can claim whatever they want. Since they have more money for lawyers than most open source projects, they win by default. Likely most of the commercial implementations pay their tithe, regardless of what they actually implement, for CYA purposes. John Keogh has recently patented the wheel. Note that his patent also covers the possibility of square wheels, should anyone figure out a method of making square wheels roll. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] ECDSA - patent free?
On 2011-11-10 4:22 AM, Adam Back wrote: Anyone have informed opinions on whether ECDSA is patent free? Nothing is patent free. Anyone can patent anything, and they usually do. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] ECDSA - patent free?
On 9 Nov 2011, at 22:03, James A. Donald jam...@echeque.com wrote: On 2011-11-10 4:22 AM, Adam Back wrote: Anyone have informed opinions on whether ECDSA is patent free? OpenSSH have implemented use of ecc since 5.7. It will by default import the ecdsa server host key if present. The OpenBSD project would be less likely to do that if ecdsa was so encumbered. You could ask this question in their ML as I am sure they will have looked closely at it. mike ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] ECDSA - patent free?
Jack Lloyd ll...@randombit.net writes: For some reason RH legal seems especially frightened of crypto patents; it's not like dozens of features of gcc, the kernel, etc aren't covered by patents. They may just be choosing where to fight their battles. If adaptive source routing (affecting all use of Linux as a server) was removed from the kernel it'd be on the front page of Slashspot within hours. Remove IDEA or ECC and no-one apart from a few hardcore crypto geeks will even notice, and even fewer will care. Peter. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography