NSA Turns To Commercial Software For Encryption (fwd from brian-slashdotnews at hyperreal.org)
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Oct 28 21:59:54 PST 2003
"Dave Howe" <DaveHowe at gmx.co.uk> writes:
>I was under the impression they had just licenced their *patent*
Yup, and that's all they did. I've seen some downright bizarre
interpretations of this particular portent on the web (<cough>
slashdot</cough>), but the simple fact is that the NSA, in its role as the
agency responsible for overseeing crypto use by the USG, got a blanket
Certicom patent license for cases where ECC (of the Certicom-patented variety)
is used, just as they got a blanket DSA license for DSA, and would have had to
get a blanket RSA license before that if it hadn't been USG-funded work and a
blanket DES license if IBM hadn't made the patent freely usable. Certicom's
PR folks, seeing an opportunity, put out a press release saying that the NSA
had licensed their patent(s). This does not mean that the NSA is about the
drop their own crypto for ECC (definitely the silliest interpretation of
Certicom's press release I've seen), nor is it a sign that they believe RSA is
dead or that the end of the world is nigh, etc etc etc.
Peter.
More information about the cypherpunks-legacy
mailing list