On Tue, 12 Sep 1995, Andrew Loewenstern wrote:
What about NeXT's Fast Elliptic Encryption (FEE)? Their research guy, Richard Crandall, came up with major speedups to elliptic curve encryption. In fact, there was a simple cryptosystem that shipped as a demo with NeXTSTEP 2.0. What was most interesting about this system was that it didn't store any keys anywhere; your public/private key pair was generated _on the fly_ from your passphrase every time you encrypted or decrypted....on a 25mhz 68040 too... and it was fast! It wasn't that great of an implementation (you _really_ need a lot of bits of entropy in that passphrase, and you can't change your passphrase without changing your PK), but it shows how fast NeXT's speedups are. And this was in 1990...
I'm not sure if the speedups are patented, but you could try a literature search. If it really is fast then it could mean good things for servers that need to do a lot of enrcyption/decrption for interaction with clients.
Yes, the speedups are patented. Their system relied on very specific curves with very specific properties. I purposly avoided coding up their method because of that. Their method is described in patent #5,159,632 dated Oct 27, 1992 and it uses a different equation (supersingular version) than what I implemented. The price is slower speed, but with 100 MHz processors you won't notice. Patience, persistence, truth, Dr. mike