CDR: Re: Rijndael & NTRU

Paulo S. L. M. Barreto paulo.barreto at terra.com.br
Wed Oct 4 01:09:14 PDT 2000 

On Wed, 04 Oct 2000, Vin McLellan wrote:

>          Not to take anything from Rijndael, which is both popular and 
> widely respected among many critical professionals, but I suspect that one 
> of the more long-lasting (pseudo-conspiratorial) theories about the 
> selection of Rijndael as the AES will be built around the fact that 
> Rijndael's design apparently allowed it -- and it alone of the final five 
> -- to escape the scope of a current US patent issued to Hitachi (which is 
> said to cover the use of data rotation in encryption.)
> 
>          (Thus -- as the tale may be told -- did the "inadequacies" of the 
> US Patent and Trademark Office define US and world crypto standards for the 
> 21st Century;-)
> 
>          I can't (for the life of me;-) figure out which of Hatachi's US 
> crypto patents this claim is based upon, but the formal Hitachi warning to 
> NIST -- dated last April -- that Hitachi had IP (US patents) which covered 
> AES candidates is at: 
> <http://csrc.nist.gov/encryption/aes/round2/comments/20000407-sharano.pdf>.
> 
>          I noticed, Paulo, that you were one of those who were 
> (unsuccessfully) nagging NIST for information about their reaction to the 
> Hitachi IP claims.
> 
>          Any thoughts -- or additional information to offer -- in the 
> aftermath of the coronation?

Hmm, pseudo-conspiratorial indeed, to say the least.

I certainly noticed the fact that Rijndael was not mentioned in the Hitachi
claim.  However, so did Bruce Schneier, and he pointed out that Rijndael's
ShiftRow operation is in fact a rotation, and so it should be also be
covered by Hitachi's claims.  Therefore, all AES finalists were
seemingly equally endangered.  I personally find Hitachi's claims absurd, and I
wanted to know whether NIST thought the same way as I did.

However, I think you might use the 21st century US legal system to manifest your
concerns, if indeed you have any, that Hitachi's patent hindered the choice of
any other algorithm (as this was rumoured a few days ago in this list -- I
wonder who posted it, don't you, Vin?), against NIST's own statement on the
contrary, made in the final report available from NIST's web site.

I'll bet most people that were committed (perhaps financially) to
any other of the finalists will show a reaction similar to yours. Well, this
reaction is not unexpected anyway -- just remember that saying about Greeks and
Trojans.

Auguri,

Paulo.

More information about the cypherpunks-legacy mailing list