> The point however is that one should only embed a little portion in the > commercial application, which is the decoder who basically only evaluates > the polynomial Fv(Z)=B and little else. It's not clear if the patents > holders may claim copyright infringements on such a little portion of code.
But what about the encoder? It is still used to sign commercial applications, even if it is not released. I'm back to ECDSA, but now I'm thinking of dropping the first part of the signature and store it in the software and always use the same seed for the signature generation. I don't know how secure it is, but I'm also hoping on the fact that maybe when the crackers see ECC is used, they won't investigate much further for implementation flaws.
