[Cryptography] To what is Anderson referring here?

[Jerry Leichter]

On Jun 4, 2014, at 4:03 AM, fukami <lists at foo.io> wrote:
>> The following text appears in the Ross Anderson paper I just forwarded the link to:  "A security-economics example is the thicket of conflicting patent claims on authentication protocols, one of the two main reasons we’ve been unable to improve browser security and deal with phishing...."  What patents is he referring to?
> 
> I asked him myself on a different list. His colleague Richard referred to EKE and SPEKE as some of the more prominent examples.
Thanks to fukami and to everyone else who pointed this out.

I think we have the meat here for an Anderson-like study:  Has any actually made money from a crypto-related patent?  The EKE/SPEKE patents have blocked progress on authentication for years; but has anyone actually licensed them?

The results are of both theoretical and practical interest.  From a theoretical point of view, it would inform, with actual data, the debate about the public interest issues in patents:  If the only real effect of crypto patents is to make the subject of the patent unavailable to the public for the patent's lifetime, then patenting of such material does not fulfill the public interest goals of making inventions broadly available.  From a practical point of view, if it can be shown that patents in this area are essentially worthless - you pay to get a piece of paper, but no one will buy what you're selling - it might be easier to convince people to freely license their patents (assuming they get them at all).

Sounds like a nice master's thesis for someone in an economics department or some related field.
                                                       -- Jerry