[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Key length security (calculations!)



JWS writes:

>[I describe the shamir triple pass key exchange protocol]

>> I suspect this protocol is covered by the Diffie-Hellman patent, which is
>> quite broad, covering many sorts of key exchanges.  Diffie-Hellman is now
>> owned by PKP, the sister company to RSA.  If so, Shamir has not undercut his
>> own financial interests by this work.  (Also, this does not obsolete PK
>> since it requires several exchanges before communication can occur, making
>> it inappropriate for high-latency communications, such as for most email.)

>Can anybody verify this? I thought that DH only applied to public key systems.
>Surely the idea of exchanging keys can't be patented. You have to patent the
>process and I though DH just took care of the public key symetric key exchange 
>process.

As I recall, the patent is very general.  A sends a message to B, B sends
one back to A; this goes on for a while, then both sides feed their messages
into a black box and, presto, out pops a suitable encryption key which is the
same for both sides, but is such that no eavesdropper could feasibly produce
the key.  It's been a long time since I looked at it, though.  I would welcome
some verification.

(I should also add that my comment about Shamir not undercutting his own
financial interests was apparently incorrect if he has actually sold out his
interest in RSA as reported.)

Hal