[Cryptography] NSA and cryptanalysis

Jon Callas jon at callas.org
Tue Sep 3 12:28:29 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> 
> What is the state of prior art for the P-384? When was it first published?
> 
> Given that RIM is trying to sell itself right now and the patents are the only asset worth having, I don't have good feelings on this. Well apart from the business opportunities for expert witnesses specializing in crypto.
> 
> The problem is that to make the market move we need everyone to decide to go in the same direction. So even though my employer can afford a license, there is no commercial value to that license unless everyone else has access.
> 
> 
> Do we have an ECC curve that is (1) secure and (2) has a written description prior to 1 Sept 1993?
> 
> Due to submarine patent potential, even that is not necessarily enough but it would be a start.

My understanding is that of the NIST curves, P-256 and P-384 are unencumbered and that P-521 was dropped from Suite B because of IP concerns along with MQV. I don't pretend to speak with authority on any of it. The niggling things often don't make sense. I'm just saying what my understanding is.

	Jon



-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.2.0 (Build 1672)
Charset: iso-8859-1

wj8DBQFSJg4vsTedWZOD3gYRAka/AKChFoqbDL35bwkrSkeUWdLckNnh5QCfU2mh
7fBzDMh5JKvCI8Hu/AuIuk8=
=dv6q
-----END PGP SIGNATURE-----


More information about the cryptography mailing list