Interesting People mailing list archives
ip: Summary of RSA/Cylink Situation (was Re: Speaking of
From: David Farber <farber () central cis upenn edu>
Date: Tue, 26 Sep 1995 18:26:32 -0400
John R Levine <johnl () iecc com> wrote:
I got a press release today that said that Cylink had won its patent suit against RSA, and the court agreed that RSA had infringed Cylink's patents on public key encryption.
It's unfortunately much more complex than this. The dispute went to arbitration, where a ruling was made. Strangely, both parties now claim to have won completely. I've never seen two interrpretations of any legal document that are so different. There are actually two batches of patents involved in the suit, some from work done at MIT and some from Stanford. The MIT patents cover the RSA cryptosystem (a public key encrytion technique discovered by the founders of RSA Data Security, or RSADSI, which is a company), while the Stanford patents include Diffie-Hellman exponential key exchange and the original idea of public key cryptography. There are other ways to do public key cryptography besides RSA, though RSA is simpler and more popular than the other techniques. The Stanford patents, however, appear to cover the whold field of public key cryptography. Before this recent ruling, all the patents were controlled by Public Key Partners (PKP), which was run by Jim Bidzos. PKP was a partnership including Stanford, MIT, Cylink, and RSADSI and was run by Jim Bidzos, president of RSADSI. Cylink wanted to use and license the patents on its own, but was blocked by PKP, which started the whole mess. RSADSI has been selling toolkits that let people use technologies covered in the Stanford patents, and Cylink now claims that RSADSI didn't have rights to do this. Cylink has reportedly threatened to charge RSADSI's customers $50,000 each for using patents that weren't licensed correctly. RSA has now taken to claiming that the Stanford patents are invalid, to prevent Cylink from harrassing their customers. I think RSA is probably right here, since the Stanford patents weren't filed properly. (For example, they were submitted more than a year after the publication of the techniques they cover.) Meanwhile Cylink wants to be able to use the RSA cryptosystem without paying royalties to RSADSI, so they seem to now be claiming that the MIT patents are invalid! These patents actually seem fairly strong to me, so I don't think this claim would be likely to make it very far. Hopefully we'll know more soon about the situation. The outcome will have a big impact on the ability of companies to make and sell products using cryptography in the USA. Anything from encrypted encrypted telephones to secure e-mail to Internet commerce need public key technologies, so the outcome of the lawyering is quite important. Currently the patent licensing situation is a huge expensive mess for anyone trying to bring a product to market, and I'm hopeful that as a result of all this we'll soon have non-patented ways of doing public key cryptography. Cheers, Paul C. Kocher Independent cryptography/data security consultant E-mail: pck () netcom com Voice/FAX: 415-354-8004
Current thread:
- ip: Summary of RSA/Cylink Situation (was Re: Speaking of David Farber (Sep 26)