[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Encryption algorithms used in PrivaSoft (fwd)
David Clavadetscher of PrivaSoft writes:
> At this time our crypto engine is patented and proprietary.
Ian Goldberg writes:
> Waitasec... I was under the impression that if you patented it, you had to
> reveal it. That's why RC4 isn't patented (it used to be a trade secret).
I think I have figured out now what Clavadetscher meant. According to the
PrivaSoft home page, the product uses "bitmap encryption". Inspired by your
mention of patents being published, I sought a relevant patent, and I believe
I've found it. U.S. Patent 5,321,749 was issued to a Richard Virga of Danbury,
CT in 1994. It describes a protocol for representing an arbitrary fax
document as a bitmap, encrypting it, and encoding it for transmission.
The user inputs a password (4-20 characters) to be used as a session key.
However, no encryption algorithm is specified. (The patent suggests the
familiar method of seeding a PRNG with the session key, and XORing the
resulting stream with the plaintext bitmap.)
Assuming this is in fact the scheme PrivaSoft uses, I posit that their
"crypto engine" consists of a patented (by someone who now works for them ?)
protocol wrapped around a proprietary encryption algorithm.
20 characters (the patent doesn't discuss constraints on the character set,
AFAIK) looks rather short. This is one possible reason for the Commerce
Dept.'s export approval.
http://www.megasoft.com/privasoft/about.html discusses PrivaSoft.
ftp://town.hall.org/patent/data/05321/05321749 is the text of Patent 5,321,749.
-Futplex <[email protected]>