Why RSA?

Marc Horowitz marc at GZA.COM
Tue Sep 21 14:23:09 PDT 1993


>> * is there a reference I can read that covers the scope of
>>   public key crypto patents?

One of the PKP patents (don't remember which) covers the concept of
the encryption and decryption keys being different.  The RSA algorithm
(covered under a separate patent) is one way to implement this idea.

>> * in broad terms, what would I have to do to develop an
>>   algorithm that works from a user's perspective like
>>   p.k.c. (ie public/private keys, the central functional
>>   point of all the wonderful schemes based on pkc) but
>>   doesn't violate patents?

Write your code, sell it, wait for PKP to sue you, challenge them in
court, and win.

The problem here is that PKP has algorithmic patents (which many
people think should never have been valid in the first place) which
are very broad (covering pretty much all PKC) and cover ideas which
some people think are "obvious" (making them theoretical
unpatentable).  However, once a patent is granted, the only way to get
it thrown out is to challenge it in court.  This is very expensive.
So expensive that Uncle "Infinite Pockets" Sam himself didn't want to
try to free their own algorithm from PKP, and instead licensed it to
them exclusively (or so they claimed).

PKP's patents have never been tested in court.  This means that they
*may be* rotten to the core.  But before you try to sell your own
PKC-based system, make sure you have a bank account and an army of
lawyers as big as Jim's.

The other answer to this question is "leave the US".  This has nothing
to do with ITAR.  The PKP patents, for various reasons, only apply to
the US.

		Marc






More information about the cypherpunks-legacy mailing list