Is there some reason that we shouldn't pick a different public key encryption algorithm than RSA to use as a freely-available standard? The PGP docs imply that "almost" all practical such schemes are patented, implying that some are not. The legitimacy problems of PGP are a major roadblock to widespread use of encryption, IMO. Let's get something in the public domain! derek
Derek Zahn says:
Is there some reason that we shouldn't pick a different public key encryption algorithm than RSA to use as a freely-available standard? The PGP docs imply that "almost" all practical such schemes are patented, implying that some are not.
All are patented in so far as one of the patents covers ALL public key schemes. Some, like Rabin's scheme, have possible technical advantages over RSA. (For the curious, Rabin's scheme is provably equivalent to factoring, whereas RSA is not. Rabin's scheme is, however, vulnerable to chosen plaintext attacks, but adding things like initialization vectors stops that from being a problem.) Perry
Derek Zahn says:
Is there some reason that we shouldn't pick a different public key encryption algorithm than RSA to use as a freely-available standard? The PGP docs imply that "almost" all practical such schemes are patented, implying that some are not.
All are patented in so far as one of the patents covers ALL public key schemes. Some, like Rabin's scheme, have possible technical advantages over RSA.
How about that public key scheme they came up with in Australia a while back? And why should RSA's patent be so construed as to cover ALL public key schemes? Because Jim Bidzos says so? -- Ed Carp, N7EKG erc@apple.com 510/659-9560 anon-0001@khijol.uucp If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever"
Ed Carp says:
Derek Zahn says:
Is there some reason that we shouldn't pick a different public key encryption algorithm than RSA to use as a freely-available standard? The PGP docs imply that "almost" all practical such schemes are patented, implying that some are not.
All are patented in so far as one of the patents covers ALL public key schemes. Some, like Rabin's scheme, have possible technical advantages over RSA.
How about that public key scheme they came up with in Australia a while back?
I don't know why I should trust it, and there are schemes I do trust available that work fine, like Rabin's or even RSA.
And why should RSA's patent be so construed as to cover ALL public key schemes? Because Jim Bidzos says so?
No, because the patent says so. The patent might be overbroad -- indeed, I'd say that it is, but the only way to get it thrown out is to have it reexamined or get the courts to toss it. If you have several hundred thousand dollars available I'll gladly arrange to have this done. Perry
participants (3)
-
derek@cs.wisc.edu -
khijol!erc@apple.com -
Perry E. Metzger