[18907] in cryptography@c2.net mail archive
FW: How broad is the SPEKE patent.
daemon@ATHENA.MIT.EDU (Charlie Kaufman)
Thu Nov 10 18:03:04 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: Charlie Kaufman <charliek@exchange.microsoft.com>
To: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Date: Thu, 10 Nov 2005 14:46:42 -0800
(resending after bounce)
-----Original Message-----
From: Charlie Kaufman=20
Sent: Wednesday, November 09, 2005 8:59 PM
To: 'James A. Donald'; cypherpunks@jfet.org; cryptography@metzdowd.com
Subject: RE: How broad is the SPEKE patent.
---- James A. Donald said:
>Does SPEKE claim to patent any uses of zero knowledge
>proof of possession of the password for mutual
>authentication, or just some particular method for
>establishing communications? Is there any way around
>the SPEKE patent for mutual authentication and
>establishing secure communications on a weak passphrase?
That's the wrong question.
The patents related to SPEKE (at least the ones that have issued - there's =
no way to know whether there are additional submarines out there) are avail=
able free on line from the patent office. You can read the claims and make =
your own judgment.
The right question is whether there is any strong password protocol - eithe=
r known or that you invent yourself - that you can implement without fear o=
f being sued for patent infringement.
And the answer is no.
Patent claims, like the U.S. Constitution, mean whatever the courts decide =
they mean. The only way to have confidence that you won't be sued for imple=
menting any technology is to observe that lots of other people in similar s=
ituations to yours are doing it and not being sued.
I am not aware of anyone who is publicly shipping - either in a commercial =
product or as open source - an implementation of a strong password protocol=
without having paid protection money to either Lucent or Phoenix (or both)=
. It would be great if someone would.
But proclaiming that the King is wearing no clothes is not without risk.
--Charlie Kaufman
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
