[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remember, RC4 is now PC1



At 4:31 AM 02/28/96, Mutant Rob wrote:
>It'd be funny if the next time somebody hacks a proprietary code, if they
>make some changes, redo the key schedule, perhaps in mind of
>strengthening the algorithm, and then post it to sci.crypt as "hey, I got
>this idea for a new crypto algorithm... what do you think?".  If the
>algorithm is different enough from the proprietary code version, with
>no clear connection between them, and the author can give full design
>rationale as if s/he wrote it from scratch, then what's a company to do?

Umm, if the _algorithm_ is different enough, it's a different algorithm and
it's not even an issue.   I guess you mean if the algorithm is the
substantially the same, but the code implementing it is substantially
different.

But I'm not sure that matters anyway.  The way I understand it with trade
secrets is:  If I'm an employee of PKP (let's pretend they have employees
who actually look at code), and they want to keep something a trade secret,
they make me sign a non-disclosure agreement.  If I break it, and they can
prove I broke it, I am in big trouble for breach of contract.   I guess if
I can make up a convincing enough lie about inventing it from scratch, I
can get off.  But if I work for PKP, I don't think I'm going to have too
much luck convincing a jury that I just coincidentally stumbled on the same
algorithm.

If I, who has signed a non-disclosure agreement with PKP, takes the trade
secret code and sends it to Mutant Rob, and Mutant Rob posts it near and
far, Mutant Rob hasn't done anything illegal, and hasn't broken any
contractual obligations, and is basically doing fine.  As I understand it.
So it doens't matter if he pretends he invented it himself or not.  Of
course, if they take him in the back room and introduce him to "Mr. Thingy"
(or make him testify in court, if you prefer), and they find out it was me
who sent it to him, I'm still in Big Trouble.

Trade secrets don't really have any legal standing or protection, for the
most part.  They're just things a company is trying to keep secret, for the
most part.  Generally by using non-disclosure agreements.