[18328] in bugtraq


Re: SRP is being patented - don't be so quick to use it.

daemon@ATHENA.MIT.EDU (Tom Wu)
Fri Dec 22 18:50:03 2000

MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID:  <3A434105.B98B2028@arcot.com>
Date:         Fri, 22 Dec 2000 03:54:45 -0800
Reply-To: Tom Wu <tom@ARCOT.COM>
From: Tom Wu <tom@ARCOT.COM>
X-To:         Ken Raeburn <raeburn@MIT.EDU>
To: BUGTRAQ@SECURITYFOCUS.COM

Ken Raeburn wrote:
>
> David Wheeler <dwheeler@IDA.ORG> writes:
> > Trouble is, I understand that SRP is in the process of being patented,
>
> > A _very_ large number of developers, including essentially all open source
> > developers, _automatically_ avoid all patented algorithms unless there's
> > a generous patent grant. Patented algorithms cannot be used at all
> > in open source programs unless there's a patent grant to permit it.
>
> I got two things on this from Tom Wu when we talked at the last IETF
> conference about using SRP to better protect the initial exchange in
> Kerberos:
>
>  1) Stanford has granted such permission regarding the SRP algorithm
>     described in RFC 2945, and the IETF has been sent a letter saying
>     so.  However, I haven't seen the letter and don't know the exact
>     terms, so don't take this as gospel.

A copy of the letter/grant is in the LICENSE file in the SRP
distribution.  The algorithm described in RFC 2945 is royalty-free
worldwide.  This *is* gospel.  :-)

>  2) There's another SRP variant, which I think is supposed to be a
>     little more efficient in terms of message traffic in some
>     situations, which is also (being?) patented, and for which this
>     permission has not been granted.  I don't know how the two differ.

The variant in question is known as SRP-Z, and uses an explicit
public/private parameter for each server instead of a fixed z.  This
variant, which is not described in RFC 2945 nor implemented currently in
the SRP distribution, is less free.

> Since these problems have (supposedly) been addressed, I'm looking at
> moving forward with an Internet Draft for this use with Kerberos,
> pending my actually finding out the terms of the letter.  (Though I'm
> also looking at Radia Perlman's "pseudorandom moduli" work.)
>
> Ken

Tom
--
Tom Wu
Principal Software Engineer
Arcot Systems
(408) 969-6124
