Re: [Cfrg] Patents and the new elliptic curves
Benjamin Black <b@b3k.us> Tue, 16 September 2014 22:32 UTC
Return-Path: <b@b3k.us>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 580AD1A6F13 for <cfrg@ietfa.amsl.com>; Tue, 16 Sep 2014 15:32:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.077
X-Spam-Level:
X-Spam-Status: No, score=-0.077 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, LOTS_OF_MONEY=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m-0d1ecYPy3I for <cfrg@ietfa.amsl.com>; Tue, 16 Sep 2014 15:32:49 -0700 (PDT)
Received: from mail-wi0-f172.google.com (mail-wi0-f172.google.com [209.85.212.172]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B498E1A6F14 for <cfrg@irtf.org>; Tue, 16 Sep 2014 15:32:48 -0700 (PDT)
Received: by mail-wi0-f172.google.com with SMTP id e4so186883wiv.17 for <cfrg@irtf.org>; Tue, 16 Sep 2014 15:32:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=6A+0S7z1V58BHX1SZnIRuicx7ZoDuH7DbKMVV+bThQE=; b=ecMT93q+xZAkOmX2oTp4LkHSrI1bCUgAnUgaExHG7+VrGAeSadV2jKpq0zuHjG9KKb HXLqO7gLInzDfZFE4v6FNYV8JmpXvRU/pvo8/EkaebqIrLHAS9R3Q7/l/zTgI59aJDBA EFu8gzCrZniEPTRTJKWtczeVukW7FVZssE4Mnhi+eyHYYa2hR3yl4WPehAWdtt/Ti6+C HEhUWNmk47W2mf7lE8KbNVUo7Xlu9bJwSd0Fqzqyeza2z+f/LYN8R3U46sOC4DQBMOou ql2W+H4MA7B4pGPE3IyO1PIunNxh33NgjdGQc8dfrecbE008Z69FwrmN66GZgTTvJU3/ wmpg==
X-Gm-Message-State: ALoCoQnnFcq4+zFGwSohm5tBd5abzx54cE+GtVZoKdGwACGBzdQnt/HlQOLP2SclNdYgqLbjKcMR
X-Received: by 10.194.3.106 with SMTP id b10mr45788557wjb.3.1410906767226; Tue, 16 Sep 2014 15:32:47 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.216.95.143 with HTTP; Tue, 16 Sep 2014 15:32:27 -0700 (PDT)
In-Reply-To: <2145381D-E1C4-4CFC-A26F-879D775E6558@shiftleft.org>
References: <2145381D-E1C4-4CFC-A26F-879D775E6558@shiftleft.org>
From: Benjamin Black <b@b3k.us>
Date: Tue, 16 Sep 2014 15:32:27 -0700
Message-ID: <CA+Vbu7zsRnEFVo-kFHgCgxkNXpmPkcDjN56m58JG862MHox3cg@mail.gmail.com>
To: Michael Hamburg <mike@shiftleft.org>
Content-Type: multipart/alternative; boundary="047d7b3a838eac18ed05033654c9"
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/VP6imVLK9hEDMa5BNBeNMHvVrdA
Cc: IRTF Crypto Forum Research Group <cfrg@irtf.org>
Subject: Re: [Cfrg] Patents and the new elliptic curves
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Sep 2014 22:32:51 -0000
Mike, As I explained in that formerly private discussion, we have asked for an internal legal review on US7602907 as we were unaware of it at the time the code and drafts were written. I am not in a position to comment on whether it is a concern, and until that review is complete there is nothing for anyone to confirm or deny. Large companies work this way, including that avoidance of reading patents to limit exposure in the event of IP litigation. While bashing Microsoft and its employees seems to never go out of fashion, it is not merely unhelpful, but counterproductive and inappropriate here. We are participating in this process in good faith and assume everyone else is, as well, even if there are points of disagreement. It does strike me as odd you are criticizing us for not doing extensive patent searches when you haven't done so and BCP 79 does not require it. I hope everyone will be held to the same standard here, whatever it is. b On Tue, Sep 16, 2014 at 2:56 PM, Michael Hamburg <mike@shiftleft.org> wrote: > Hello CFRG, > > I’m concerned about patent issues which may affect the new elliptic curve > standards. > > There has been a side discussion involving several members of this list, > including some Microsoft researchers, on the subject of what patents may > apply to proposed curves and their implementations and in particular to the > NUMS curves. > > Microsoft has a policy of avoiding patent searches, not reading patents, > not commenting on patents etc, so they have not been particularly helpful. > However, I am concerned that the Microsoft-held US7602907 (and possibly > foreign equivalents) may apply to their implementation, covering the mLSB > combs algorithm. Benjamin Black has refused to confirm or deny this. The > NUMS code itself is still usable under the Apache2 license, but it has a > "mutually assured destruction” clause, and other implementations might > infringe. > > So I have a few questions for the list. First, am I right to be concerned > that US7602907 reads against the NUMS code? How does this interact with > the BCP, since the curve’s spec does not require the patent, but the > reference implementation does? > > Second, is anyone aware of other patents that may read on SafeCurves-style > Montgomery or (twisted) Edwards implementations, especially of the proposed > curves (\w+)25519, Curve41417, MS NUMS, Ed448-Goldilocks or E-521? It is > required that new curves be efficiently and securely implementable without > stepping on such patents, so it is critical to know what they are. > > Third, given that mLSB combs may be encumbered, does anyone have > information on the patent status of other state-of-the-art comb > algorithms? I’m particularly hoping that the signed all bits set (SABS) > combs algorithm used in Goldilocks is patent-free, but I have only > conducted a limited search. > > Thanks, > — Mike Hamburg > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > http://www.irtf.org/mailman/listinfo/cfrg >
- [Cfrg] Patents and the new elliptic curves Michael Hamburg
- Re: [Cfrg] Patents and the new elliptic curves Benjamin Black
- Re: [Cfrg] Patents and the new elliptic curves Michael Hamburg
- Re: [Cfrg] Patents and the new elliptic curves Michael Hamburg
- Re: [Cfrg] Patents and the new elliptic curves Benjamin Black
- Re: [Cfrg] Patents and the new elliptic curves Watson Ladd
- Re: [Cfrg] Patents and the new elliptic curves Alyssa Rowan
- Re: [Cfrg] Patents and the new elliptic curves Benjamin Black
- Re: [Cfrg] Patents and the new elliptic curves Phillip Hallam-Baker
- Re: [Cfrg] Patents and the new elliptic curves Michael Hamburg
- Re: [Cfrg] Patents and the new elliptic curves Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] Patents and the new elliptic curves Alyssa Rowan
- Re: [Cfrg] Patents and the new elliptic curves Harry Halpin
- Re: [Cfrg] Patents and the new elliptic curves Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] Patents and the new elliptic curves Dan Harkins
- Re: [Cfrg] Patents and the new elliptic curves David Jacobson
- Re: [Cfrg] Patents and the new elliptic curves Michael Hamburg
- Re: [Cfrg] Patents and the new elliptic curves Harry Halpin
- Re: [Cfrg] Patents and the new elliptic curves Watson Ladd