[6529] in cryptography@c2.net mail archive


Re: legal status of RC4

daemon@ATHENA.MIT.EDU (Vin McLellan)
Fri Jan 28 15:42:57 2000

To: cryptography@c2.net
From: Vin McLellan <vin@shore.net>
Cc: "Arnold G. Reinhold" <reinhold@world.std.com>
Message-Id: <E12E6DF-0001yc-00@nautilus.shore.net>
Date: Fri, 28 Jan 2000 02:53:01 -0500

        Arnold G. Reinhold <reinhold@world.std.com>  asked:

>Are you sure RC4 is a registered trademark? I've never seen anything
>that would indicate that.

        RSADSI first filed for a US trademark on "RC4" in 1993.

        RSA has used RC4 (R) since 1988 in "trade and commerce" (as the
phrase goes) to refer to the RSA-branded stream cipher Ron Rivest had
created for RSADSI.   (RC4, I suppose, became a common law trademark -- in
the US and elsewhere -- sometime thereafter.)

        The  "RC4" trademark was formally Registered by the US Patent and
Trademark Office on August 15, 1995.

        The USPTO registration number for RC4 is: 1911168.

        The USPTO Trademark Database citation for RC4 is on the Web at:
<http://trademarks.uspto.gov/cgi-bin/ifetch4?ENG+REG+3+953890+0+0+370981+F+2+3+1+MS%2f%22RC4%22>

        Surely an RC4 TM is no surprise.  Over the years, RSA has routinely
noted that "RC4" is a registered trademark.

        In the US and elsewhere, a trademark is intended to prevent
confusion among buyers by clearly indicating who is providing a given
product to the market.  The basic idea is that a consumer should not have to
open a package (or do an MD5 hash on a digital product;-) to be confident
that his TM-based assumptions about the _source_ of a product -- and any
prior knowledge he has about vendor's support, QA, warranties,
compatibility, business practices, etc., etc. -- are valid.

        By the latter half of the 1990s, of course, almost everyone with a
computer had it loaded with an SSL ciphersuite -- which included a
clearly-labelled, RSA-coded, RC4 crypto module.  (RSADSI's willingness to
gamble on Netscape and SSL and accept a fabled one percent of Netscape's
equity  in return for permitting Netscape access to RSA's BSAFE ciphers,
including RC4,  paid off <ahem> handsomely.)

        I don't mean to be disingenuous. I acknowledge that there are many
who claim that the various independently-coded ARC4 ("Apparently RC4")
ciphers are functionally and otherwise equivalent to the RC4 implementation
found in RSA's BSAFE.   Whether that is (or is not;-) the case --  it is
also clearly and incontestably true that none of the various ARC4-like
ciphers are actually coded, QAed, or sold by RSA Security.

        Last year, Kalle Kaukonen of SSH and Rodney Thayer of Counterpane
even wrote an Internet Draft RFC --
http://search.ietf.org/internet-drafts/draft-kaukonen-cipher-arcfour-03.txt
-- to offer yet another version of  "Arcfour."  The RFC explains that they
hoped their Arcfour would  smooth the transition to IETF-endorsed standards
from the earlier generation of de facto compsec standards  (which had the ill
but entrepreneurial grace to be based on proprietary RSA ciphers, RC4
prominent among them;-)

       These days, most people in the Craft would concede that it would take
a humungous amount of gall for some individual, company, or committee --
anyone *other than* RSA or MIT Prof. Ron Rivest -- to publish a new cipher
labelled, say, "RC7." Which is not to say that it won't happen, of course.

        (In response to a query in private e-mail for evidence off the RSA
website  that RSA publicizes the RC4 trademark), I just did a quick search
of <www.rsasecurity.com> and pulled up three notable references to the RC4
trademark. See:

1. Specs for RSA's newest version of BSAFE Crypto-C toolkit:
URL: <http://www.rsasecurity.com/products/bsafe/cryptoc.html>

"Crypto-C includes all popular secret- and public-key encryption algorithms,
including the RC4® stream cipher, the high performance RC5...."

2. The 1998 announcement of BSAFE 4.0:
URL: <http://www.rsasecurity.com/news/pr/980608.html>

"RC2® and RC4® are registered trademarks and BSAFE is a trademark of RSA
Data Security, Inc."

3. The 1994 announcement of BSAFE 2.1:
URL: <http://www.rsasecurity.com/news/pr/940721.html>

"The RSA logo, BSAFE, RSA Public Key Cryptosystem, RSA Digital Signature,
RSA Digital  Envelope, RC2, RC4, MD, MD2 and MD5 are trademarks of RSA Data
Security, Inc. [...]"

        Surete,
                        _Vin








        Personally, I believe that Trust -- a value that might be consistently
associated with a specific trademark --  is the critical factor in any
intelligent purchase of a cryptographic cipher or product.  It doesn't seem
to matter much whether the buyer is an individual consumer, a corporate PO,
or a globe-girdling OEM. To the extent that Trust matters to end-users --
and many OEMs act like they believe that it matters a lot --  RSA's
trademarks come into play.


