Golden Key Campaign

Wei Dai weidai at eskimo.com
Wed Apr 24 14:23:16 PDT 1996


On Wed, 24 Apr 1996, Hal wrote:

> Rabin encryption would have the advantage that it could be used with
> existing RSA keys as long as the modulus is a Blum modulus.  PGP at least
> has always used Blum moduli, perhaps for this eventuality.  So an
> alternative encryption program could use Rabin encryption and work with
> the existing infrastructure of PGP keys.  It would not of course be
> compatible with PGP for encryption and decryption.
> 
> This doesn't solve the signature problem; I'm not sure if there is a
> signature algorithm which could use RSA public keys but which is not
> covered by the RSA patent.  In any case since PGP key certificates use
> RSA signatures it would not appear to be possible to validate key
> signatures without infringing on the RSA patents, so that cancels out a
> lot of the advantages of using existing PGP keys.

You can do signatures with Rabin too.  I have a version of it in
Crypto++ 2.0.  It's been out for a while and RSA hasn't bothered me about
it.

Does anyone want to explain why, given the alternatives, people continue
to use RSA and pay for it?

Wei Dai







More information about the cypherpunks-legacy mailing list