Remember, RC4 is now PC1
WlkngOwl at UNiX.asb.com
Thu Feb 29 02:08:49 PST 1996
> Umm, if the _algorithm_ is different enough, it's a different algorithm and
> it's not even an issue. I guess you mean if the algorithm is the
> substantially the same, but the code implementing it is substantially
Well, maybe something like using the same core algorithm but a very
different (and better?) key expansion algorithm, for instance.
> But I'm not sure that matters anyway. The way I understand it with trade
> secrets is: If I'm an employee of PKP (let's pretend they have employees
> who actually look at code), and they want to keep something a trade secret,
> they make me sign a non-disclosure agreement. If I break it, and they can
But what if someone reverse engineered an algorithm, worked on
it a few months, and then published something on the net, with a
different key set up routine, and a very similar core algorithm
(different for one or two operations, but an improvement) and
discussed it in terms of having constructed the algorithm himself.
It has nothing to do with anyone signing non-disclosure agreements,
since if the cipher is widely used in popular software, sooner or
later someone will reverse engineer it.
> Trade secrets don't really have any legal standing or protection, for the
> most part. They're just things a company is trying to keep secret, for the
> most part. Generally by using non-disclosure agreements.
And my point is that what if somebody publishes something and offers
it in the public domain that is strikingly similar but not the same,
with no clear way to tell if it was invented separately or reverse
engineered and fudged?
I can imagine a hacker doing that to another trade secret cipher... I
can also imagine someone reinventing the same cipher if it's simple
That's another problem with trade secrets.
Send a blank message with the subject "send pgp-key" (not in
quotes) to <WlkngOwl at unix.asb.com> for a copy of my PGP key.
More information about the cypherpunks-legacy