when a fraud is a sale, Re: Rubber hose attack
David Jablon
dpj at world.std.com
Sat Nov 10 23:54:06 EST 2001
>Rick Smith at Secure Computing <rick_smith at securecomputing.com> writes:
>>[...] the [SP]EKE stuff is supposed to use the weak
>>secret to bootstrap a strong one without opening a crack that might allow a
>>dictionary attack on the weak secret. A slick idea.
At 07:04 AM 11/11/01 +1300, Peter Gutmann wrote:
>... contained within a minefield of patents and IP restrictions, which is
>killing its use. What would be necessary is either for someone (presumably
>with any army of lawyers to back them up) to state that a particular (sound)
>scheme was free of any IP restrictions, or for one or more of the groups with
>patents to state they'd allow everyone royalty-free use. As it is at the
>moment, it's just too risky to do anything. Even if someone has a technology
>which they claim is unencumbered, others may claim that they have some patent
>which covers it, or the situation is unclear enough to scare off companies who
>are afraid of lawsuits. As a result, no-one can do anything. [?]
That's quite the overstatement, easily shown by counter-example.
I know of just a few issued patents particularly relevant to this branch
of cryptography, not including the announced pending one for SRP.
Considering the hundreds of other crypto patents, or the thousands of
software patents in general, this little "minefield" seems relatively trivial
to navigate. These technologies are readily available.
I can only encourage the few bold. or not-so-stingy among us to find their
own way or (dare I say) inquire about licensing.
-- David
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list