On Sunday, March 9, 2003, at 07:24 AM, Ben Laurie wrote:
b) Is it encumbered in any way (e.g. patents)?Schneier is usually good about pointing out when algorithms covered under patents, and the section in Applied Crypto mentions no patents. Googling for it though turns up <http://patft.uspto.gov/netacgi/nph- Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2Fsearch- bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F5140634> I am definitely not a lawyer so I don't know what this implies.
That sure looks like a patent to me - does it cover the algorithm you are thinking of (on the face of it, it sounds like it)?
So, although that's not necessarily a barrier to implementation, it may be a barrier to use. That would depend on their licensing terms.
However, looking at the bibliography in HAC, it seems the method _may_ have been presented at EUROCRYPT '88 - which would make the patent (filed in '91) invalid almost everywhere except the US. That would need verification, of course.
The couple cryptographers here at work I've asked about it didn't think it was patented, but then there's that USPTO doc which sure looks like a patent on it... I am not familiar with patent law at all so I have no idea what its true status is.
<http://theory.lcs.mit.edu/~cis/pubs/reyzin/forwardsig-optimal.pdf> and <http://www.cs.ucsd.edu/~daniele/papers/MMM.html> are two recent F-S Sig papers (MMM is the one I have actually implemented, with IR being added soon for comparative purposes)
What's the status of MMM, patent-wise? What licence are you using?
One of the MMM co-authors tells me that it is in the process of being patented through AT&T. I'm not sure of the patent status of Itkis-Reyzin or Belarre-Miner forward-secure schemes.
My implementation of MMM/IR/etc will ideally be under a BSD-like license (I duplicate portions of the OpenSSL RSA/DSA/ECDSA implementations, so those subcomponents would have to be under the OpenSSL license), assuming I can get that through the AT&T lawyers...
Thanks, Eric
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
