Is the RSAs Loss Everyone's Gain?

Rafael sent us a story over at ZD Net about RSAs Patents Expiring later this year. It talks about what it is likely to mean to us. Among other things, cheaper and more common encryption.

There's no need to use RSA

[Greg+W.]

Because RSA was patented, replacement algorithms were developed and used instead. GNU Privacy Guard as well as PGP 5.0 and later use Diffie-Hellman, DSA and/or ElGamal instead of RSA.

Besides, PGP doesn't use public-key encryption for the whole message. It uses RSA (or equivalent) only to encrypt a random "session key", which is then applied to the whole message using a symmetric cipher. PGP 2.x uses the IDEA cipher, which is also patented, and which is patented more widely than in just the USA.

Because of all the patent nonsense, I urge everyone who still uses PGP 2.x to upgrade to PGP 5.0 or higher, or to switch to GnuPG.

If you don't use any encryption tools yet, I recommend GnuPG.