Is RSA's Loss Everyone's Gain?
Rafael sent us a story over at ZD Net about RSA's patents expiring later this year. It talks about what it is likely to mean to us. Among other things, cheaper and more common encryption.
Don't hold your breath waiting for the patent to expire. The US government still has plenty of time to illegally and retroactively increase the term of patents. After all, they did it with copyrights. It wouldn't take much to convince the congresscritters that the RSA patent is an important matter of national security.
jd wrote:
Despite what many in the US think, the East coast does not mark the edge of the world, and people who sail beyond the horizon don't fall off.
RSA encryption has been used, freely, throughout Europe, for a considerable period of time. International versions of PGP, for example, can be found in many University FTP archives, and are widely used.
Yes, it does mean RSA can be used "freely" in the US, but that's about the limits of the benefit. One small continent, amongst many.
The facts here are certainly true, but that's not the whole story. A LOT of software development takes place in the US; all surveys I've seen have ranked the US as the largest software producer in the world (most of them rank India second). Key commercial products are developed in the US, and many key Free software projects (including the entire GNU project) are hosted in the US. All this software needs to care about the RSA patent, or risk lawsuits.
After the patent expires, none of this software need worry. European users will no longer have to use patches and alternate versions of American software, RSA code can be in the main code tree. RSA software developed outside the US will no longer feel like they need to offer an American version, since the rules will be closer together. This will make development easier across the board.
Besides, RSA isn't cutting-edge, by a long way. Yes, it's proved very resistant to attacks, and it's one of the best public-key encryption algorithms out there, but there's a lot of much newer stuff that looks like it could be more attractive in the long-term.
It may not be cutting edge, but it is the de facto standard protocol for encrypted internet communications. I wish more software would support DH/DSS, but they just don't. So-called "cutting edge" solutions generally have not been around long enough to be trusted, much less standard.
(IMHO, it's a mistake to rely on a "proven solution" in preference to looking ahead. If anyone cracks the primes problem, RSA is dead in the water. Instantly. No matter how "robust" it's been.)
Both need to happen; you always need to be looking ahead to find new technologies. On the other hand, when implementing a real world system, you need proven, robust technology to rely upon. RSA is currently the tool used by most organizations to implement their PKI for this very reason.
In the future RSA may die, then they need to move to something else, but can you point them at a PKI technology: available right now, with a reliable track record spanning many years, with open cryptographic review spanning at least as long, that isn't susceptible to the "if anyone cracks the primes problem" vulnerability? Regardless, it's not a major vulnerability, since that problem has been attacked from many different angles for centuries with no better solutions than the slow ones we have now.
----
Open mind, insert foot.
There is a need for RSA because it's the standard implementation cipher for SSL under IE and NS. Not all users for all applications are willing to use a command line, but I can line up all the people that want more assurance that their web-based security is up to snuff. It's what I do for a living when I'm not kicking naughty servers.
The expiration of the RSA patent will be a wonderful relief for many of us who have tried to negotiate a license for some sane SSL package -- Red Hat is currently your only salvation if you want to use a modern solution like mod_ssl with openssl to create your own apps. And yes, I know full well that IPSec and other ciphers could be used, but not for all the applications I need, unless I am severely mistaken and/or really dumb.
I have been accused of being otherwise, and more to the point, looked around for a while before giving in to the sad truth.
Remember that what's inside of you doesn't matter because nobody can see it.
There has been a tendency for patents on computer-related stuff to block developments for so long that the patented matter is an irrelevant obsolete technology by the time it becomes publicly available.
It may be that we need to start looking at elliptical algorithms, although it is unfortunate that the level of math required to understand it is greatly more daunting.
Hopefully there are a few years of "reasonable security" left in RSA...
If you're not part of the solution, you're part of the precipitate.
AFAIK the RSA patents are only valid in the USA, and this will have little effect on code that uses RSA. After all PGP and GNUPG are pretty widespread inside and outside the USA.
The only effect should be on commercial (closed source) code within the USA.
Now there should be no reason for RSA to be preferred key exchange, et al., alg.
This is yet another example where the general public benefits once patents expire. Capitalism takes control and multiple companies can compete to provide the consumer with a better product for less money or for free. The set of laws that govern IP in the USA severely need to be reformed to work properly in the internet age. The RSA patent is one of few examples of a computer-related patent that still has usefulness after it expires. 17 years is too long for a government granted and subsidized monopoly.
According to *The Code Book* by Simon Singh, the folks at Bletchley Park independently invented public key encryption before RSA did. Unfortunately it could not be publicised or patented, as it was a military secret.
Euler said:
For any number m,
x^{\Phi(m)} mod m == 1
where \Phi(m) is the number of n<m for which gcd(n,m) == 1
If m has the prime factors p_1,p_2...p_k, then \Phi(m) equals the product of the (factors minus one), \prod_i (p_i-1)
RSA uses that property. I construct a m = p*q, where I know the prime numbers p and q. These are very hard to find out for you. I therefore know that \Phi(m) = (p-1)(q-1). I give you m and e, you give me y=x^e (mod m), I calculate d, such that (d*e) mod \Phi(m) = 1 and do
y^d = x^(d*e) = x^1 = x (mod m).
That probably wasn't really for Dummies... ;-)
- Alex
PS Can you tell I'm doing LaTeX lately?
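The arithmetic in the comment above, carried through with its own symbols (m, p, q, e, d, x, y), as an added Python example that is not part of the original thread. The primes 61 and 53, e = 17 and all function names are constructed for illustration; the loop over every x also covers values that share a factor with m, where Euler's congruence does not apply but decryption still works because m is a product of distinct primes.

```python
from math import gcd

def phi_from_factors(primes):
    """Euler's Phi for a product of distinct primes: prod(p_i - 1)."""
    result = 1
    for p in primes:
        result *= p - 1
    return result

def phi_by_counting(m):
    """Phi(m) straight from the definition: count n < m with gcd(n, m) == 1."""
    return sum(1 for n in range(1, m) if gcd(n, m) == 1)

def make_key(p, q, e):
    """Return (m, e, d) with d*e mod Phi(m) == 1, as in the comment."""
    if p == q:
        raise ValueError("p and q must be distinct primes")
    phi = phi_from_factors([p, q])
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to Phi(m), otherwise d does not exist")
    return p * q, e, pow(e, -1, phi)   # modular inverse (Python 3.8+)

def encrypt(x, e, m):
    return pow(x, e, m)                # y = x^e mod m

def decrypt(y, d, m):
    return pow(y, d, m)                # y^d = x^(d*e) = x mod m

def recover_d_by_factoring(m, e):
    """With p and q known, d follows at once; trial division suits toy m only."""
    p = next(k for k in range(2, m) if m % k == 0)
    return pow(e, -1, phi_from_factors([p, m // p]))

# Constructed toy parameters (far too small for real use).
P, Q, E = 61, 53, 17
M, _, D = make_key(P, Q, E)

def roundtrip_all():
    """Check every x in [0, m), including x that share a factor with m."""
    return all(decrypt(encrypt(x, E, M), D, M) == x for x in range(M))

if __name__ == "__main__":
    print("m =", M, "Phi(m) =", phi_from_factors([P, Q]), "d =", D)
    print("Phi by counting:", phi_by_counting(M))
    print("all x round-trip:", roundtrip_all())
    print("d recovered from m and e alone:", recover_d_by_factoring(M, E))
```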
*A large percentage of the Flat Earth Society are in the Southern states of the US.
RSA encryption has been used, freely, throughout Europe, for a considerable period of time. International versions of PGP, for example, can be found in many University FTP archives, and are widely used.
Yes, it does mean RSA can be used "freely" in the US, but that's about the limits of the benefit. One small continent, amongst many.
Besides, RSA isn't cutting-edge, by a long way. Yes, it's proved very resistant to attacks, and it's one of the best public-key encryption algorithms out there, but there's a lot of much newer stuff that looks like it could be more attractive in the long-term.
(IMHO, it's a mistake to rely on a "proven solution" in preference to looking ahead. If anyone cracks the primes problem, RSA is dead in the water. Instantly. No matter how "robust" it's been.)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Read the very informative page Opposing Copyright Extension.
Copyrights have been extended an average of about 1 year per year since 1962. The latest extension, the Sonny Bono Copyright Extension act of 1998 extends corporate copyrights to 95 years, retroactively. Since the stated purpose of copyrights in the constitution is to encourage the production of art and science by giving a monopoly for a limited time, retroactive extensions are IMHO unconstitutional. The current extension madness seems designed to make sure that Mickey never enters the public domain.
--
"L'IT c'est moi!"
Look guys... RSA was formed for the specific purpose of cornering the encryption market and they have been screwing the entire industry with their draconian licensing costs. Their patents are expiring -- do they really think that I, as a developer that has been putting up with their bugware and outrageous prices for years, am going to continue to license their bugware when there are numerous free, high quality implementations?
I think not. Ding, dong the witch is dead! The witch is dead! Hail to a new era when lions and hyenas can communicate securely! Death to RSA!
-- Slashdot sucks.
I'm not sure of the actual numbers anymore, with the popularity of Linux and the renewed interest in the Macintosh, but the percentage of Microsoft desktops is still probably over 80%. Microsoft already licensed the technology (and from what the article said for much cheaper than the average company could) and apparently uses it.
Encryption is for most people invisible, they go to an online shop and buy stuff. Maybe they notice that the little lock in the lower left corner is closed and maybe they don't. If RSA is a part of the protocol then its already there.
Most people don't care about pervasive encryption. When they're forwarding the latest joke they received to their friends and families they don't worry about encryption or digital signatures. People don't even bother encrypting email to their mistresses, their mistress probably can't be bothered to remember a private key.
The difference it will make is to people who sell the technology, it'll be a bit cheaper to them which might be important since for good or bad the current cost model for Internet Explorer and Netscape Communicator etc. is to be free (like beer, not speech)
I don't see that RSA patents have hampered the widespread deployment of PGP. Apathy on the part of the public has hampered the widespread deployment of PGP. I know personally that if people started sending me trivial things encrypted it'd probably hit the bit bucket unread.
Because RSA was patented, replacement algorithms were developed and used instead. GNU Privacy Guard as well as PGP 5.0 and later use Diffie-Hellman, DSA and/or ElGamal instead of RSA.
Besides, PGP doesn't use public-key encryption for the whole message. It uses RSA (or equivalent) only to encrypt a random "session key", which is then applied to the whole message using a symmetric cipher. PGP 2.x uses the IDEA cipher, which is also patented, and which is patented more widely than in just the USA.
Because of all the patent nonsense, I urge everyone who still uses PGP 2.x to upgrade to PGP 5.0 or higher, or to switch to GnuPG.
If you don't use any encryption tools yet, I recommend GnuPG.