http://www.packet.com/flux/ The recently concluded merger of Security Dynamics Technologies Inc. with RSA Data Security Inc. may have offered us one of our last opportunities for insight into the bizarre and byzantine business world of commercial cryptography in America today. And one of the chief insights we've gleaned from Security Dynamics' filings with the Securities and Exchange Commission about the merger is that the company may have bought not only a lemon, but a lemon that, when swallowed, could make Security Dynamics double over with food poisoning. Why did Security Dynamics pay nearly US$300 million for RSA, a company which had less than $1 million in profit last year on revenue of some $11 million? Furthermore, its encryption patents will expire in four years, which means that all RSA really owns is its relationships with customers such as Netscape and Hewlett-Packard. Even worse, those patents are under attack at the moment through a lawsuit filed against RSA by Cylink Corporation, an RSA competitor holding similar patents that was a one-time partner in a failed joint venture with RSA. Another lawsuit pending against RSA, Security Dynamics, and Cylink was brought by Roger Schlafly, a cryptographic researcher who is attempting to invalidate any and all patents that might attempt to monopolize public key cryptography. Indeed, in a worst case scenario, what Security Dynamics may have purchased is a huge summary judgment (against itself) should Cylink actually prevail in its suits. According to Security Dynamics' recent S-4 filing with the SEC, "RSA has been advised that, in a letter to SDI following the announcement of the proposed merger, Cylink's general counsel asserted that Cylink's compensatory damages, conservatively estimated, would exceed $75,000,000 but provided no basis for such estimate." That's the kind of negative return on investment from an acquisition that we've come to expect from America Online (remember BookLink and WAIS Inc.?)!