[cryptography] key exchange patented :)

James A. Donald jamesd at echeque.com
Thu Nov 22 16:06:10 EST 2012


On 2012-11-22 10:24 PM, ianG wrote:
> giving thanks to wisdom of intellectual property:
>
> http://www.forbes.com/sites/andygreenberg/2012/11/09/meet-the-texas-lawyer-suing-hundreds-of-companies-for-using-basic-web-encryption/ 
>
>
> the infringement lies solely in the use of the SSL or TLS �handshake�...
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>

Actually this does not patent key exchange:  It is a snake oil 
encryption system that has a superficial resemblance to systems actually 
in use.

You have two unspecified pseudo random generators at each end, which 
start from the same seed, the pre-shared secret.  Then, instead of 
directly xoring the key stream with the message, you use the output from 
each pseudo random generator to key RC4.

To be actually useful, the random number generator would need to be 
cryptographically strong, and if cryptographically strong, the RC4 step 
is redundant.

So the patented procedure is not only one that no one uses, it is one 
that no one would use.



More information about the cryptography mailing list