Re: [Cfrg] Comb algorithm IPR status (was: Results of the poll: Elliptic Curves - preferred curves around 256bit work factor (ends on March 3rd))
Benjamin Black <b@b3k.us> Fri, 06 March 2015 02:54 UTC
Return-Path: <b@b3k.us>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F0F71A9176 for <cfrg@ietfa.amsl.com>; Thu, 5 Mar 2015 18:54:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oq9d7SQOUTeA for <cfrg@ietfa.amsl.com>; Thu, 5 Mar 2015 18:54:48 -0800 (PST)
Received: from mail-ie0-f169.google.com (mail-ie0-f169.google.com [209.85.223.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D9A141A9177 for <cfrg@irtf.org>; Thu, 5 Mar 2015 18:54:47 -0800 (PST)
Received: by ierx19 with SMTP id x19so82368755ier.3 for <cfrg@irtf.org>; Thu, 05 Mar 2015 18:54:47 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=KmRpALwX/BpaoINSOQ4DR2OQ+9gJ7p/zGI9YU9Qn8cE=; b=lRnlxqxHtKQncHjj3H413uCogZ6LKpzqw1ptLhkqjjxehB5Typ69h13WjLICnSlFuV v2z4APk3Dk0c9eCtlarydBrlmP/zeTf2NdCKuRDH2DaOTBRGJ1cLmTozHvow2/pbwFq1 cb3cM3ycC+h2td7qoMYDmxBq52ezEiEnUtilyB+wcGHm2UNMbD2FenrKw6ByJln/MT3V XLkmMoBrLsCQ/BZABo9l1sNhf/5QWeGsNw8gK09DXLlYptkIPJ/qQC2AWf8UhmYxAC1w Xdw+YCnSlU3T4iunZvuZ1bXKovxxQSvNYfd1r9RUddvXJ6Ogpw/0FvYbZ74mFKoFqcUy 6uGw==
X-Gm-Message-State: ALoCoQkFZmCWwVHFiWEG6ZChH8HcjbSl/S8/iHL9T/CcUSsdmVEra8wEL9QYjG0AZbxoR3/0+9+G
X-Received: by 10.107.136.14 with SMTP id k14mr9459155iod.53.1425610487230; Thu, 05 Mar 2015 18:54:47 -0800 (PST)
MIME-Version: 1.0
Received: by 10.36.28.145 with HTTP; Thu, 5 Mar 2015 18:54:27 -0800 (PST)
In-Reply-To: <54F905BA.4020102@akr.io>
References: <54EDDBEE.5060904@isode.com> <54F8E2B1.80304@isode.com> <CA+Vbu7y-6ocP9yPrYYVmSGyboHQvLzQFonzkejwE4jxOs0ww6A@mail.gmail.com> <7FFDF55A-61BC-4114-9E8B-F23E43C42426@shiftleft.org> <54F905BA.4020102@akr.io>
From: Benjamin Black <b@b3k.us>
Date: Thu, 05 Mar 2015 18:54:27 -0800
Message-ID: <CA+Vbu7ytzEa0kGhB62Go5TqK+p18NLPTEvtZcmxOo63ppKzJBA@mail.gmail.com>
To: Alyssa Rowan <akr@akr.io>
Content-Type: multipart/alternative; boundary="001a113ecad2ae08d0051095ce24"
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/nMADxdpAcKuE_Syss64oAzFLzVA>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Comb algorithm IPR status (was: Results of the poll: Elliptic Curves - preferred curves around 256bit work factor (ends on March 3rd))
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Mar 2015 02:54:50 -0000
There are only two possibilities: 1) The combs in the reference implementations of Goldilocks448 and NUMS 512 are not the same, in which case you have an existence proof of there being multiple techniques to achieve high performance and there never was a legitimate IPR concern. 2) The combs in the reference implementations of Goldilocks448 and NUMS 512 are the same, in which case you have the IPR concern express previously. Which is it? On Thu, Mar 5, 2015 at 5:41 PM, Alyssa Rowan <akr@akr.io> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > > [BB] What happened to the earlier, vigorous arguments by Robert > > Ransom, Alyssa Rowan and Mike Hamburg that Goldilocks448, and > > perhaps all of the curves based on large primes, would be covered > > by Microsoft IP? > > I don't recall saying that. Perhaps you misunderstood? > > > [MH] …Alyssa and I just want to make sure that the patent > > landscape is clear so that nobody infringes by accident. > > Mike is correct. It wasn't the curves in the (now-expired) NUMS draft > that concerned me, but that we might've chosen curves based on > benchmarked reference implementations covered by undisclosed patents. It > would have been a problem if the only elegant implementations of the > curves we'd picked were patented. Fortunately, that is not the case! > > > [MH] Since my code uses signed all-bits set combs, and if I > > understand correctly your patent specifically covers modified > > LSB-set combs, I don’t believe that my implementation has patent > > problems. Again, this is a property of the implementation and not > > of the curve. > > The advice I have received matches Mike's (and my) interpretation - > I don't think Ed448-Goldilocks (the curve or reference implementation) > has any IPR problems (although I obviously cannot make any warranties or > guarantees!). > > >> [MH] Nearly 6 months have passed and we haven’t heard anything > >> from legal. Do you have an update for us? > > [BB] I cannot comment on Microsoft as I am no longer there. > > Noted. > > Perhaps the other co-authors of the (expired) NUMS draft could? > > - -- > /akr > -----BEGIN PGP SIGNATURE----- > > iQIcBAEBCgAGBQJU+QWNAAoJEOyEjtkWi2t6FMAP/RquQAG8gsziWlEpJdokNU/K > 8fU93nyF9N+mECT4uV7wyzEhwSWPI4/VF1Uqu8zzMSlLj9qjye6XrCDU0XLMLcYr > jdQT9fhGEQc0w+WnLnmJNhKfGJfeSlLznu+ohlNdMFNmgecHsNOpdP95g4IJnITh > k6WwwaBZoNoqi4dAZSsy62XGteAu6YrecG8HuU82aUKw8YC+5TvTNnDIgNKfUCqt > 0y3DBWl8XEvo0o1PCpD7hp2nodWnNuBJTx9W4i2yDWqzzNSLJcYFPG1/ewI4Q8vS > rv76EaFbchu9f/qbza/Yu6I5Ngg2u/MdUyDUa6JmvCnDiJrso0T62hfx1fLmAKrW > Ia3t0nFw0bKxkHhNbC9Mlzp0s+ROZLvnSM9x4nxlN2ZAPhnzT0SOC24/fWVqtntu > NU7rADaJ35H5d9Up91yhCmUlFdxzt/JeVPi84xUUYvKmNY4LFiqIZiYbzCwhTVmd > c+wJChZXAmW7isqveqylEjXpf21LKDGPJyRFiiMX3gwmjKSbn0+L2ZkQoY+mZ2sK > xdVa9tjbgtWASAO6w+I/kxSMCXWvmvCMKvog+/RnKxz9xOqRjxytOSFpCOYpjQ1r > FYth11iakCwkPPIQBcZ6/m8G1DpKiF1XctOUyw9/HMoo7l0I0NKFmGpYU/5NIWlD > Q37S6dr3bFx5qRl1W15J > =lDFt > -----END PGP SIGNATURE----- > > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > http://www.irtf.org/mailman/listinfo/cfrg >
- [Cfrg] Rerun: Elliptic Curves - preferred curves … Alexey Melnikov
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Phillip Hallam-Baker
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Watson Ladd
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Stephen Farrell
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Yoav Nir
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Phillip Hallam-Baker
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Paul Hoffman
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Adam Langley
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Paul Lambert
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Simon Josefsson
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Watson Ladd
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Derek Atkins
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Damien Miller
- [Cfrg] On "non-NIST" Paul Hoffman
- Re: [Cfrg] On "non-NIST" stephen.farrell
- Re: [Cfrg] On "non-NIST" Paul Lambert
- Re: [Cfrg] On "non-NIST" Phillip Hallam-Baker
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Alyssa Rowan
- Re: [Cfrg] On "non-NIST" Stephen Farrell
- Re: [Cfrg] On "non-NIST" Tony Arcieri
- Re: [Cfrg] On "non-NIST" Tony Arcieri
- Re: [Cfrg] On "non-NIST" Damien Miller
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Dan Brown
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Dan Harkins
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… _MiW
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Rene Struik
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Ilari Liusvaara
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… David Leon Gil
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Andy Lutomirski
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Tony Arcieri
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Andrey Jivsov
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… David Gil
- Re: [Cfrg] Rerun: Elliptic Curves - preferred cur… Benjamin Beurdouche
- [Cfrg] Results of the poll: Elliptic Curves - pre… Alexey Melnikov
- Re: [Cfrg] Results of the poll: Elliptic Curves -… Benjamin Black
- Re: [Cfrg] Results of the poll: Elliptic Curves -… Watson Ladd
- Re: [Cfrg] Results of the poll: Elliptic Curves -… Michael Hamburg
- Re: [Cfrg] Results of the poll: Elliptic Curves -… Benjamin Black
- Re: [Cfrg] Results of the poll: Elliptic Curves -… Benjamin Black
- Re: [Cfrg] Comb algorithm IPR status (was: Result… Alyssa Rowan
- Re: [Cfrg] Comb algorithm IPR status (was: Result… Benjamin Black
- Re: [Cfrg] Comb algorithm IPR status Mike Hamburg
- Re: [Cfrg] Comb algorithm IPR status Alyssa Rowan
- Re: [Cfrg] Comb algorithm IPR status Benjamin Black
- Re: [Cfrg] Comb algorithm IPR status Benjamin Black