[cryptography] Dual EC backdoor was patented by Certicom?

Tanja Lange tanja at hyperelliptic.org
Sun Jun 15 23:32:54 EDT 2014

Dear Thierry,

> I looked at the primary documents in the USPTO databases. The part that 
> is missing from the US patent 8,369,213 (i.e. missing from the original 
> filing and the European patent I suppose) is now in the pending patent 
> application US-2013-0170642-a1.
No. That one contains other mechanisms of escrow avoidance. 
Citing myself here
" Interestingly, the claims in the new application [13770533.pdf pages
51–55] do not actually cover Dual EC exploitation: they are for other
mechanisms of Dual EC escrow avoidance. However, Certicom is still free
to file further claims for Dual EC exploitation, retaining the original
21 January 2005 priority date. As of February 2014, the new application
is under examination. It was published on 4 July 2013 as publication US

> Are these inventors claiming to have *invented* the backdoor in this 
> PRNG method? At least an USPTO examiner hints at this: "[claims now in 
> US-2013-0170642-A1] are drawn to establish escrow key with elliptical 
> curve random number generator." The inventors *describe* the escrow 
> technique but need not *claim* it.
Their claims only cover _usage_ of the back door and avoidance of the
back door, they do not claim to have invented the back door.

> Note also that the earliest (USA) filing date is 2005/01/21 as a 
> provisional US patent application number 60/644982.
> >>In contrast, I would have said that Certicom's responsibility as a
> >>participant in Internet security is to declare and damn an exploit, not
> >>bury it in a submarine patent.
> >>
> Technically, this is not a submarine patent. The publication date is 
> 2007/08/16 (soon after the international-treaty-based 18 months delay 
> after the filing date applicable to the non-USA patent jurisdictions) 
> and anyone could have access to this information by then.
Note that the publication date of the international application
(verbatim the same) was 2006/07/27.


More information about the cryptography mailing list