[cryptography] ECDSA - patent free?

Jack Lloyd lloyd at randombit.net
Wed Nov 9 13:53:11 EST 2011

On Wed, Nov 09, 2011 at 07:22:08PM +0100, Adam Back wrote:
> Any suggestions on EC capable crypto library that implements things without
> tripping over any certicom claimed optimizations?

They can claim whatever they want. Since they have more money for
lawyers than most open source projects, they win by default. Likely
most of the commercial implementations pay their tithe, regardless of
what they actually implement, for CYA purposes.

> (Someone pointed out to me recently that the redhat shipped openSSL is devoid
> of ECC which is kind of a nuisance!)

They also strip IDEA, even though the patents are expired. For some
reason RH legal seems especially frightened of crypto patents; it's
not like dozens of features of gcc, the kernel, etc aren't covered by
patents. This may partially be due the the lack of ambigiuity; for
instance they probably wouldn't strip a cipher that happened to be
covered by the claims of the IDEA patent that wasn't actually IDEA,
but at the same time nobody would use it because it was an unstudied
design. Whereas if the kernel is or is not violating a patent on RCU
or linked lists or whatever is a touch more subtle and ambigious.

I told them about RFC 6090 and they're 'looking into it' but I don't
expect much. It's too easy to have a hard rule of 'algos X, Y, Z' are

> Suite B pushed use of EC you would think would increase the interest in
> having clarity on the EC patent situation..

Cui bono?


More information about the cryptography mailing list