johnp@ihuxf.UUCP (12/11/86)
Posting for a friend. Does anyone have knowledge of programs available in the UNIX environment that allow encryption with a secret password yet decryption with public keys? Net discussion encouraged but private responses can be directed to ixlpo!mhk. Thanks in advance.
devine@vianet.UUCP (Bob Devine) (12/13/86)
In article <3072@ihuxf.UUCP>, johnp@ihuxf.UUCP (John Schleicher) writes: > Does anyone have knowledge of programs available in the UNIX environment > that allow encryption with a secret password yet decryption with public > keys? Of what practical use would such a program be? It seems similar to a door that you can close but any burglar can open. Is this for authentication? confusedly yours, Bob Devine
srt@duke.UUCP (Stephen R. Tate) (12/18/86)
In article <3072@ihuxf.UUCP> johnp@ihuxf.UUCP (John Schleicher) writes: > >Does anyone have knowledge of programs available in the UNIX environment >that allow encryption with a secret password yet decryption with public >keys? > Any public key system that uses commutative encryption/decryption functions will do what you want. The common RSA scheme will work by using the private key normally used for decryption to encrypt the message, then the public key will decrypt. Make sense? However, I agree with a later posting: what's the point? Verification? Why didn't you say so? On the practical side, surely somebody has written a public domain RSA system. Right? Somebody speak up! If not, then there's a definate shortage in the PD Unix software.... If nobody posts anything in the next week, I'll come up with something. -- Steve Tate UUCP: ..!{ihnp4,decvax}!duke!srt CSNET: srt@duke ARPA: srt%duke@csnet-relay
btb@ncoast.UUCP (Brad Banko) (12/19/86)
I'm sure I won't be the first to want to clarify this for Bob Devine. Public Key cryptography is a system where encoding and decoding are controlled by separate keys which are hopefully underiveable from each other even if the system is known. Martin Gardner has discussed the concept in Mathematical Games (I think it was him) as well as one specific method using large prime numbers and their products for the process. So, what you have are two separate keys for each encryption. One is know only to you, and the decoding key is known only to the person that you send the encrypted message and you. A way around this is for two people to use each others keys: text => your key1 => his public key => cipher cipher => his key1 => your public key => text Both your 'key1's are known only to yourselves, hence, if he gets a message from you, he can only decode it with your public key, and his private key (his key1)... since only you know your key1, only you could have sent the message... a signature. -- Brad Banko ...!decvax!cwruecmp!ncoast!btb Cleveland, Ohio
dko@calmasd.CALMA.UUCP (Dan O'Neill) (12/21/86)
Ahh.. Public Key Encryption.. what fun! For a good overall introduction to this method of cryptography, read the following article: Public Key Cryptography BYTE magazine, January 1983, page 198 This is a good article! It covers a broad range of topics on the subject including differences from conventional cytptosystems, the RSA public key system (Ron Rivest, Adi Shamir & Len Adleman of MIT), how to find large prime numbers, how to encrypt using RSA, how to decrypt, how to derive the keys, digital signatures for mail and such things and finally, a sample encryption program written in BASIC. Have fun! -- Dan O'Neill uucp: {ihnp4|seismo|ucbvax}!sdcsvax!calmasd!dko (619) 587-3112 arpa: "calmasd!dko"@ucsd.arpa "Say, isn't that one of those new two-way diodes?" - db
henry@utzoo.UUCP (Henry Spencer) (12/23/86)
> ... surely somebody has written a public domain RSA system. > Right? Somebody speak up! If not, then there's a definate shortage in > the PD Unix software.... If nobody posts anything in the next week, I'll > come up with something. Be careful: RSA is patented, and publication of such a system would surely be a patent infringement (i.e. check with your lawyer first). -- Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,decvax,pyramid}!utzoo!henry
devine@vianet.UUCP (Bob Devine) (12/23/86)
In article <1828@ncoast.UUCP>, btb@ncoast.UUCP (Brad Banko) writes: > I'm sure I won't be the first to want to clarify this for Bob Devine. The only clarification needed was in what I wrote. What I mushily posted was an attempt to find out the intended use of the public-key cryptosystem. I was wondering if something besides authentication was in the works. From an exchange of mail, my query was answered; the poster wanted authentication for mail. > Public Key cryptography is a system where encoding and decoding are > controlled by separate keys which are hopefully underivable from each > other even if the system is known. Almost. The two keys are inverses and, theoretically, are derivable from each other. What makes the RSA system secure is the enormous computational effort needed to go from public-key to private-key for a large key. A small key can be derived with a generic computer. The explosion of effort required for larger and larger keys makes cracking expensive (to put it mildly). In the RSA algorithm, the "system" is known by whomever can photocopy the article or the many other articles inspired by RSA in the public literature. > So, what you have are two separate keys for each encryption. > One is know only to you, and the decoding key is known only to the > person that you send the encrypted message and you. A way around this > is for two people to use each others keys: > > text => your key1 => his public key => cipher > cipher => his key1 => your public key => text If authentication is all you want, the above interchange is not really needed; it provides security as well as authentication. In your notation, it is done this way: plaintext => decrypt with private key => cipher send or store message cipher => encrypt with public key => plaintext This is what the initial poster asked about. Note that both schemes have a lot of hand-waving about them as to how the key pairs are generated and who/what holds onto the public keys. The hard part is not always the keys; it is identifying the implicit trusts and dealing with them. I'm working on a public-key system and, unfortunately, it won't be available for public domain use. Bob Devine
rab@well.UUCP (Bob Bickford) (12/23/86)
There was an excellent article on this general subject in the October 1985 issue of _Communications of the ACM_ in which the author presents scenarios showing how to use a given encryption system to build an information-secure society (in other words, keeping your privacy!). I recommend it. -- Robert Bickford {lll-crg,hplabs}!well!rab terrorist, cryptography, DES, drugs, cipher, secret, decode, NSA, CIA, NRO. The above is food for the NSA line eater. Add it to your .signature and you too can help overflow the NSA's ability to scan all traffic going in or out of the USA looking for "significant" words. (This is not a joke, sadly.)
martin@entropy.ms.washington.edu (Don Martin) (12/24/86)
<> A complete RSA system in ratfor has been published in Dr. Dobbs J. This is by C.E.Burton The titles are: RSA: A public Key Cryptography Syste, Part {1|2} Dr Dobbs Journal, March 1984 pp.16-43 and June pp 32-59. Please note that Mr Burton retains the copyright so this is not public domain. Request- Could someone send me the name, phone number etc. of the corperation that holds the RSA patents. Thanks. Donald C. Martin (206)-543-1044 Biostatistics, SC-32 Univ. of Washington Seattle WA 98195
zhahai@gaia.UUCP (Zhahai Stewart) (12/24/86)
In article <7447@utzoo.UUCP> henry@utzoo.UUCP (Henry Spencer) writes: >> ... surely somebody has written a public domain RSA system. >> .... If nobody posts anything in the next week, I'll >> come up with something. > >Be careful: RSA is patented, and publication of such a system would surely >be a patent infringement (i.e. check with your lawyer first). >-- > Henry Spencer @ U of Toronto Zoology Henry, do you have any idea just what is patented? (I don't have a patent lawyer on retainer just now and it's such a bother to hire one during the holidays :-). I wonder if a system to do fast modulo exponentiation would be verboten? Sadly, patents are getting pretty ridiculous these days; algorithms are not supposed to be patentable, so what is RSA encryption but an algorithm? The patent office seems to allow a number of dodges now - put an algorithms into a ROM in a box that does something and you can patent it. Of course, the patent may or may not hold up in court, but it takes a lot of money to challenge it. Meanwhile, the threat is supposed to keep PD stuff from coming out. So it goes. Anyway, if you have any suggestions as to what is or is not claimed as patented by RSA Data Security Inc, it might help in defining whether some PD code in this area is worth looking into or not. I am not asking you for a legal opinion. <I have considered creating some PD public key stuff also>. ~z~ -- Zhahai Stewart {hao | nbires}!gaia!zhahai
jewett@hpl-opus.HP.COM (Bob Jewett) (12/24/86)
From my dusty archives... /***** hplabs:net.crypt / ucbvax!phr / 6:46 pm Jul 12, 1985*/ Subject: RSA cryptographic algorithm patented? The following letter appeared in the July, 1985 issue of BYTE magazine. I did not read the article that it refers to, but I find it ironic that after the inventors of RSA fought so hard to prevent the Government from classifying their work, they now are trying to use the patent system to suppress its widespread use. The letter: As part of his article titled "Implementing Cryptographic Algorithms on Microcomputers" (October 1984, page 126), Charles Kluepfel described an implementation of the RSA Public Key algorithm and the BASIC code required. Unfortunately, he did not reference that this RSA Public Key Cryptosystem was patented by the Massachusetts Institute of Technology in 1983 (U.S. Patent 4,405,829). The worldwide exclusive license to this patent was then purchased from MIT by RSA Security Inc., a company founded by the inventors of the RSA algorithm to develop this technology. Because the RSA algorithm has been published in academic journals, most people assume that it is in the public domain, similar to the DES algorithm. Unfortunately, some people have developed software and other products based on the RSA algorithm without researching this point. Nevertheless, the patent exists and, in the opinion of our corporate attorneys, will be easily defended. As RSA Security Inc. paid a great deal of money for the exclusive patent rights, we plan to actively police the commercial use of the RSA algorithm. The purpose of this letter is not to criticize either Mr. Kluepfel or BYTE for his article. Rather, the purpose is to make you aware of our patent position and ask for your help in educating your readership as to its existence. Based on Mr. Kluepfel's article, more people are going to start expending money and effort developing RSA-based software for commercial purposes. Regrettably, their effort will be wasted unless they obtain a sublicense from us. Therefore, we suggest you publish a reference to our patent in a future issue of BYTE to protect your readers from this lack of knowledge. Ralph Bennett President RSA Security Inc. Sunnyvale, CA 94087 /* ---------- */
newton2@topaz.berkeley.edu (12/24/86)
Well, I've dealt, as a developer of devices using PKC, with RSA Data Security, have negotiated (but not consummated) licensing agreements with them, and have invesitigated the roots of their patent claims. "The" patent is held by MIT, licensed to RSA Data Security, which offers sublicenses. I'd say it's at best murky just what MIT owns, and vastly more obscure what RSA Data Security is entitled to license to third parties. I have the documents around somewhere, but anyone seriously interested in exploitation of RSA should, I suppose, get in touch with RSA Data Security. However, I ofer my own experience to this extent: after *many* meetings with officers of the company, I came away more puzzled and suspicious (in ways too numerous, and some too subtle, to make explicit here) about just what they were about than I *ever* was in dealing with the friendly boy scouts of NSA. And as to help in implementing the system (they make a show of the fact that Ron Rivest and Len Adelman are supposedly hands-on principals of the company), well, let's just say I came to doubt there'd be any. Ditto for "certification" by R, S or A. Just to be fair (!), I guess I should mention that the company with which *I* was associated deliquesced before my uncomfortable feelings about RSA Data Security could be confirmed. Anyway, the original posting to sci.crypt concerned someone writing and publishing a public domain RSA package- you sure don't need a lawyer to do *that*. Patents reserve the right to make, use and sell artifacts which are narrowly and explicitly defined in the claims of the patent. Research and the disclosure of the fruits thereof are not among the prescribed activities, as far as I can tell. Making, using or selling such a program seems quite distinct from developing (i.e., inventing) it. A patent, even a valid and strong one (a minority) doesn't confer the right to make every other thinker curl up and die. Doug Maisel 56 Panoramic Way Berkeley, CA 94704 (415) 848-4257
newton2@topaz.berkeley.edu (12/24/86)
Er, in my previous posting I inverted the intended meaning: I *meant* to say that Research and its disclosure are not *proscribed* by a valid patent in the same field. What RSA Data Security hopes is *prescribed* is the paying of truckoads of royalties... Doug Maisel 56 Panoramic Way Berkeley, CA 94704 (415) 848-5247
srg@uw-apl.UUCP (Spencer Garrett) (12/25/86)
The patent office will issue a patent on just about ANYTHING. They seem to expect the courts to sort it all out. Recently an engineer I know managed to get a patent for what he thought was a novel encoding technique. This merely illustrates how out-of-touch both he and the patent office are. The rest of us have been calling his novel approach FM0 for at least 15 years.
newton2@topaz.berkeley.edu (12/26/86)
Keywords:Confirmed: patents don't necess. mean much As a several-times successful patent applicant (batting 1000), I endorse and agree with Spencer's remarks. Particularly if the claims are drawn with the specific intent of not obviously conflicting with extant granted claims (as I suppose every amoral lawyer would draw them, rather than point out that the *matter* claimed might well be equivalent), it would be a conscient- ious examiner who'd be as assiduous in protecting *all* the relevent prior patents as their holders might be in court. I'm not alluding specifically to the RSA patent, which discloses a method which really is novel, useful and (on the non-legally-technical level at least) self-evidently inventive and deserving of the grudging, teeth-gnashing admiration of all who now find it self-evident. What's eyebrow-raising about the patent is the seeming ease with which a hitherto hazy zone of invention was brought under the patent tent. Doug Maisel 56 Panoramic Way Berkeley, CA 94704 (415) 848-5247
sewilco@mecc.UUCP (Scot E. Wilcoxon) (12/27/86)
In article <2050@jade.BERKELEY.EDU> newton2@topaz.berkeley.edu.UUCP () writes: >... >Anyway, the original posting to sci.crypt concerned someone writing and >publishing a public domain RSA package- you sure don't need a lawyer to >do *that*. Patents reserve the right to make, use and sell artifacts >which are narrowly and explicitly defined in the claims of the patent. >... Software can be seen as a manufactured device, but copies are cheap and easy to make. A peculiar combination which some lawyer probably finds interesting. An individual can make a patented device for personal use. I think patent law otherwise prohibits making a patented device, so even manufacturing without a profit or without even knowing of the patent is illegal. Making a public-domain RSA program is probably illegal. Anyone can make one for personal use , but probably your company can't use it. Publishing one seems the same as manufacturing it without a profit. -- Scot E. Wilcoxon Minn Ed Comp Corp {quest,dayton,meccts}!mecc!sewilco (612)481-3507 sewilco@MECC.COM ihnp4!meccts!mecc!sewilco National Enquirer seers: 4 Reality: 360
rab@well.UUCP (Bob Bickford) (12/27/86)
In article <112@uw-apl.UUCP>, srg@uw-apl.UUCP (Spencer Garrett) writes: > > The patent office will issue a patent on just about ANYTHING. They seem to > expect the courts to sort it all out. Recently an engineer I know managed to > get a patent for what he thought was a novel encoding technique. This merely > illustrates how out-of-touch both he and the patent office are. The rest of > us have been calling his novel approach FM0 for at least 15 years. Sounds familiar. On a related point, you should know that no patent law can prevent you, as an individual, from building and using one of ANYTHING for your own intellectual amusement and/or enjoyment. -- Robert Bickford {hplabs, ucbvax, lll-lcc, ptsfa, msudoc}!well!rab terrorist cryptography DES drugs cipher secret decode NSA CIA NRO IRS coke crack pot LSD russian missile atom nuclear assassinate libyan RSA The above is food for the NSA line eater. Add it to your .signature and you too can help overflow the NSA's ability to scan all traffic going in or out of the USA looking for "significant" words. (This is not a joke, sadly.)
jeff@gatech.EDU (Jeff Lee) (12/28/86)
Does anyone know the patent number of the RSA encryption method? I saw the article a while back where they were claiming that the algorithm was patented and wanted to check it out. You might want to post this since some other folks might be interested in this, also. -- Jeff Lee CSNet: Jeff @ GATech ARPA: Jeff%GATech.CSNet @ CSNet-Relay.ARPA uucp: ...!{akgua,allegra,hplabs,ihnp4,linus,seismo,ulysses}!gatech!jeff
henry@utzoo.UUCP (Henry Spencer) (12/30/86)
> Henry, do you have any idea just what is patented? ... Not in detail. I believe they actually succeeded in getting a patent on the basic idea of RSA encryption, not just on a specific implementation. > ... I wonder if a system to do fast modulo exponentiation > would be verboten? Not unless you use it to do encryption! :-) More seriously, I doubt that the RSA patent covers encryption using large-number arithmetic in general; it's just the specific scheme using two big prime factors and their product for encryption that's patented, I would guess. > Sadly, patents are getting pretty ridiculous these days; > algorithms are not supposed to be patentable, so what is RSA encryption but > an algorithm? ... One can argue that it's not exactly an algorithm, but that's pretty thin ice. More to the point, the idea of being unable to patent an algorithm was always pretty silly: the whole idea of patents is to protect useful inventions, and a useful new algorithm, solving a significant problem in a novel way, would certainly seem to fit an intuitive definition of "invention". The fuss about algorithms resulted, as I understand it, from confusion with the natural-law exclusion (patenting something "invented" by nature is obviously silly, but there is no occurrence of RSA encryption in nature!) and the fuzzy boundaries between science, mathematics, and computer "science" (which is primarily an engineering discipline, whose inventions should obviously be patentable). -- Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,decvax,pyramid}!utzoo!henry
henry@utzoo.UUCP (Henry Spencer) (12/30/86)
> [BYTE letter] ... I find it ironic that > after the inventors of RSA fought so hard to prevent the Government from > classifying their work, they now are trying to use the patent system to > suppress its widespread use... Please explain how you get this interpretation from the BYTE letter. The way I read the letter is that the patent owners are trying to use the patent system to prevent people from using their invention without paying them a royalty. This is precisely the purpose of the patent system, to give folks who invent something new and useful a weapon against ripoff artists (however well-intentioned). I'm sure the inventors of RSA would be *delighted* if their work was in widespread use *with royalties being paid*. Other postings suggest that the patent owners may have erected enough complications in licensing to effectively interfere with widespread use even with royalty payment. That's unfortunate, and indeed ironic, but the BYTE letter gives no hint of it. -- Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,decvax,pyramid}!utzoo!henry
henry@utzoo.UUCP (Henry Spencer) (12/30/86)
> Anyway, the original posting to sci.crypt concerned someone writing and > publishing a public domain RSA package- you sure don't need a lawyer to > do *that*... You may shortly thereafter need lawyers, though, to defend against a patent-infringement suit! Seriously, it is *not* obvious that doing such a thing would not constitute infringement. It is not sufficient to have a plausible argument that what you're doing isn't infringement; you have to make the court agree. > Patents reserve the right to make, use and sell artifacts > which are narrowly and explicitly defined in the claims of the patent. > Research and the disclosure of the fruits thereof are not among the > [proscribed] activities, as far as I can tell. Making, using or selling such > a program seems quite distinct from developing (i.e., inventing) it. I fear I am unable to follow the distinction being made here; can you explain in more detail? I am told that the RSA patent is, essentially, on the RSA algorithm itself, not on any specific implementation of it (in the same way that the patent on the geodesic dome covers all geodesic domes, no matter what materials they use or how they are erected). This would appear to reserve the right to make, use, and sell RSA-algorithm encryption systems. I fail to see how "making" such a system can be distinguished from "developing (i.e., inventing)" it. > A patent, even a valid and strong one (a minority) doesn't confer the right > to make every other thinker curl up and die. It just confers the right to require him to pay royalties for practical uses of results of your thinking. Think about RSA all you want, but using it for practical purposes is a different matter. -- Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,decvax,pyramid}!utzoo!henry
henry@utzoo.UUCP (Henry Spencer) (12/30/86)
> An individual can make a patented device for personal use. ... > Making a public-domain RSA program is probably illegal. Anyone can make > one for personal use... I implore people to get professional advice before making major decisions based on this. My understanding is that the patent laws, as opposed to the copyright laws, do *not* contain any such "fair use" exemption. It is, of course, unlikely that RSA will (a) find out about or (b) sue about such use, but technically they could. > I think patent > law otherwise prohibits making a patented device, so even manufacturing > without a profit or without even knowing of the patent is illegal. As I understand it (again, consult a professional before doing anything drastic), whether you make (or intended to make) a profit is irrelevant, as is whether you knew about the patent. -- Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,decvax,pyramid}!utzoo!henry
newton2@topaz.berkeley.edu (12/31/86)
Keywords:Fair use of RSA patent; Licensing status I didn't make myself sufficiently clear. I was responding narrowly to an earlier posting that seemed to warn against someone *writing* an RSA based package, motivated by the absence of extant public domain software, and posting it. That act seems to me akin to developing an improved version, or just a model confirming the truth and adequacy of the patent disclosure. You might not be able to patent it yourself, due to the prior art, but you don't need permission from RSA to try. Publishing the results of your own effort (not making a crypto device using RSA, which is what's patented) seems OK to me (and this all begs the question of the never-tested merits of the RSA patent). After all, there have been plenty of papers published about RSA- no infringement was claimed by Ralph Bennett :>). By the way, I didn't mean to leave the impression that RSA Data Security placed insurmountable hurdles athwart any attempt to sublicense the MIT patent; only that the company seemed a little shaky, and it wasn't clear what they could/would offer beyond hands off. Doug Maisel 56 Panoramic Way Berkeley, CA 94704 (415) 848-5247