[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP



> From: [email protected]
> I know that it was wrong to steal the RSA code for
> a shareware alternative, but [...]

Nobody stole code.  PGP infringes on (at least) U.S. Patent
4,405,829, which covers the RSA algorithm.  Personally, I have no
qualms about exponentiating in any algebra I please.

As to the question of "whether RSADSI are good guys": they
certainly could be.  However, I don't see RSA doing a hell of a lot
to promote crypto use -- the opposite, in fact.  Their software
output is hardly impressive for a corporation of a decade's
standing.  They won't sell me a license -- they'll sell it to Lotus,
but I can't see their source code.  The government hasn't banned
public-key encryption, but it's banned patent-infringing public-key
encryption.  And for practical purposes, that's the only kind there
is.  

The combined effect of present patent law and RSA's "sue first,
write code later" approach has been to stifle the development of
cryptography in this country and in the world.  Perhaps if
encryption algorithms were not encumbered, they would already be in
common use, rendering Clipper untenable.  If RSA Inc. wishes to sell
me a license I shouldn't have to buy, that would be nice.  If they
wish to show their change of heart in some other way, that would be
nice too, as long as it doesn't come with a licensing agreement like
RSAREF's.  But if they're going to continue to sit on their patents,
I'll do without their blessing.

Incidentally, I don't think the issue of algorithm patents is as
minor as some have portrayed it.  It has blocked the use of RSA,
after all, giving Clipper a window.  Furthermore, there are patents
on approximately every other cryptographic technique: PK in general,
exponential key exchange, LUC, IDEA, DigiCash, ....  Patents may gut
cryptology the way they have data compression, to pick one example.
This would be a shame.

   Eli   [email protected]