This is a bit late since the patent expires in September.  However,
what do people think about this scheme?  Firstly is it
cryptographically reasonable, and secondly does it genuinely avoid the
scope of the patent?

Whereas in RSA you form a modulus n as the product of two primes p and
q, in my scheme you set n = pqr, where all three are prime.  The order
of the multiplicative group modulo n is now (p - 1)(q - 1)(r - 1).
You choose e and find d such that de is congruent to 1 modulo
(p - 1)(q - 1)(r - 1).

This will now behave in all respects identically to an RSA key,
although you will have to make the modulus bigger for identical
security.  In fact, someone who is given e and n will find it almost
impossible to prove that it is not a genuine RSA key.

You could make a key like this into an X.509 certificate.  The public
side will work with all software, since proving that it is not an RSA
public key involves factoring n and so is computationally infeasible.
The private half should work with just about all software, since it
has no reason to recalculate e and d.

----------------------------------------------------------------------
      phone +44 (0) 20 8542 7856, fax +44 (0) 20 8543 0176, post:
  Skygate Technology Ltd, 8 Lombard Road, Wimbledon, London, SW19 3TZ
