tech-security: Re: cryptosrc-intl

Subject: Re: cryptosrc-intl
To: Johan Danielsson <joda@pdc.kth.se>
From: Steven M. Bellovin <smb@research.att.com>
List: tech-security
Date: 07/14/1999 20:21:51
In message <xofzp0zi6n6.fsf@blubb.pdc.kth.se>, Johan Danielsson writes:
>Thor Lancelot Simon <tls@rek.tjls.com> writes:
>
>> RSA have a patent that they _claim_ covers DSA.  The NSA, on the other
>> hand, has rather publically stated that they invented the relevant
>> technique first and can document it. 
>
>> Nobody seems to think RSA would get far in any court with an
>> infringement claim against someone using DSA, and RSA, despite
>> making a lot of noise early on, have yet to sue anyone...
>
>This isn't about logic, it's about politics. 
>
>If IDEA source code can't *exist* in the source repository because
>some use of the code might infringe on a patent, how can you have DSA
>code that also might infringe on another patent? As I see it, the IDEA
>case is equivalent to the DSA case. The difference is that Ascom might
>be more agressive about defending their patent since their patent
>expires at a later date.
>
>Neither the RSA patent nor the Ascom patent has been tried in court
>(as far as I know). You're not supposed to try patents in court,
>you're supposed to threaten people to try them in court.
>
>/Johan
>
It's also worth noting that according to my reading, Schnorr's patent applies 
only to smart-card systems.  See
http://164.195.100.11/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=/netahtml/srchnum.htm&r=1&f=G&l=50&s1='4,995,082'.WKU.&OS=PN/4,995,082&RS=PN/4,995,082
for the full text, but claim 1 starts:

	1. In a method for mutual identification of subscribers in
	a data exchange system working with processor chip cards
	and using identification data coded into the cards by a
	card-issuing center including subscriber-related public
	keys and stored in the respective chip cards along with
	private keys which have a logical relationship to the public
	keys, whereby random number-dependent check data are
	exchanged between the subscribers, comprising the steps of:

etc.  All claims follow from this one.  I have no idea if smart cards
are in the design space for NetBSD, or if there are other patents; this
is the only one I've seen cited.