Key length security (calculations!)

Hal hfinney at shell.portal.com
Sun Jul 17 16:58:55 PDT 1994


solman at mit.edu writes (quoting someone else initially):

>> You mention Shamir, etc.  However I would point out that even if any of the
>> original RSA mathematicians found a better factoring algorithm, they'd be 
>more
>> than likely to keep it under lock and key.  The obvious reason is that their
>> money supply depends on such an algorithm being suppressed.

>What about Shamir's triple pass key exchange protocol (explained briefly
>below). Its the perfect key exchange algorithm. It obsoletes Public key
>systems entirely as long as you only need to exchange keys and not
>authenticate. I'd say that is pretty decent evidence that he does still
>do things to help the field when it might hurt RSADSI. (although I wouldn't
>say the same thing about all of them)

I suspect this protocol is covered by the Diffie-Hellman patent, which is
quite broad, covering many sorts of key exchanges.  Diffie-Hellman is now
owned by PKP, the sister company to RSA.  If so, Shamir has not undercut his
own financial interests by this work.  (Also, this does not obsolete PK
since it requires several exchanges before communication can occur, making
it inappropriate for high-latency communications, such as for most email.)

Hal






More information about the cypherpunks-legacy mailing list