Hi there,
On Wed, 10 May 2000, Vin McLellan wrote:
> > http://www.cyberlaw.com/rsa.html
good read, it got my brain chewing anyway. :-)
> The RSA guys, for whom I have been a consultant for many years, got a
> bitter laugh out of it. They said, basically, that Flinn had tried out the
> same arguments, several times, before judges, magistrates, and arbitators...
> and had been rebuffed or trounced each time.
Well I for one, as someone not expert in patent law, would love to hear as
good a plain-english rebuff to that article as that article itself was a
plain-english summary of their arguments. In particular the prior art
considerations (Pohlig-Hellman) seem quite compelling to my skin-deep
legal appreciation, and I would really enjoy seeing further discussion of
his section "How Can You Patent an Algorithm?" - namely the fact that US
patent law "appears" to only validate algorithms insofar as they relate to
physical means - abstract mathematical algorithms alone seem to be
disallowed under section 101 ... well, at least according to this article.
> The bottom line is that Patrick Flinn, Esq., could not convince his client,
> Cylink -- nor any other potential challenger to the RSApkc patent -- that
> his arguments would survive a trial, much less prevail. Cylink reviewed the
> case Mr. Flinn had spent several years researching, developing, and
> polishing, then decided to fire Mr. Flinn, settle with RSA, and purchase a
> RSApkc license from RSA.
The other bottom line is that so far the patent doesn't seem to have been
properly challenged, and as such all the FUD in the world doesn't answer
the critical question - would the patent stand up to rigourous objective
scrutiny? The fact companies may not have the funds or backbone to tackle
bloodthirsty opponents with legal firepower coming out their ears, and
difficult technical/legal arguments, and so "settle" (in whichever sense),
still does not answer that question. I am a legal dunce, and I necessarily
surrender myself to those who can provide their arguments in plain enough
terms. I'd appreciate any you might be able to throw into the ring for us
:-)
> No matter how exhilarating it may be to dream of yourself pulling down the
> RSApkc license in its final months, ya gotta wonder why this gangbuster
> version of Mr. Flinn's case was presented in the pages of a magazine, rather
> than in a US
> Federal courtroom? In a magazine article, of course, Flinn was able to
> escape both RSA response and the judge's ruling.
RSA seem (correct me if I'm wrong) to have escaped the courtroom
altogether so far. I agree that with the sand running out on the RSA
patent, that the question is moot in this case. But tackling the
underpinning assumption that these mathematical niceities (built upon
masses of "prior art") are fodder for patents is not so moot.
In particular, I would *really* appreciate any thoughts you have on the
following point: The RSA key-generation is a 2 prime "version" of the
Pohlig-Hellman key-generation (which has 1 prime). "Multi-primes" extend
the idea to more than 2 primes. As with all 3 (or more), the
key-generation is the only thing distinguishing the processes in theory.
In practise, the benefit of having more prime factors in the modulus
allows faster performance of private key operations using tweaks - which
is the sole reason for "multi-primes". However the more primes there are,
the lower the theoretical security of the keys, albeit that current
techniques are unable to exploit this. If any part of Flinn & Jordan's
argument is valid about Pohlig-Hellman (as prior art) invalidating the RSA
patent by way of it being "obvious", then that would extend naturally to
the recently patented "multi-prime" extensions.
FYI: Multi-prime RSA using optimisations is faster than regular RSA if you
accept the security implications of equivalent sized multi-prime RSA keys.
This optimisation is simply an extension of the CRT (Chinese Remainder
Theorem) technique already used to speed up 2-prime (RSA) operations. So
that CRT technique itself seems highly iffy to be patented. Which leaves
the mathematical consideration of the multi-prime keys themselves, and
their generation, to be debated (ie. I doubt the patent could rest on an
argument that it is a physical process, or an implementation invention,
because that should bang its head on the prior art I would have though).
Compaq (I believe) own the new patent issued for this, and RSADSI appear
(I believe) to have an exclusive license to the technology in the US. The
sand is not running out on multi-primes the way it is running out on RSA.
Any other crypto algorithms that appear could also be called into question
perhaps in similar ways ... so I'd rather not brush the discussion aside
as "moot".
Thoughts? And please correct or expand on any misinterpretations or errors
in what I've babbled about, and in the original article too.
Cheers,
Geoff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]