Slashdot Mirror

← Back to Stories (view on slashdot.org)

What Would You Do With a New Form of Encryption?

Posted by Cliff on from the share-or-sell dept.

Kip Knight asks: "I've been sitting on an invention for six months now. I'm debating whether to 'give it to the world' or patent it. I would obviously like to feed my family on the fruits of my endeavour but don't see much hope in the open source route. My invention improves upon the 80 year old One-Time Pad encryption turning it into a 'Many-Time Pad'. Since I haven't got my export license to speak about the details yet, I won't describe further. The advantages are proof (i.e. unbreakable) against brute force attacks and known-plaintext attacks (unlike the OTP). The disadvantage is carrying around a very large digital key (which could easily fit on one of those USB memory key fobs). My question is this: Could I sell enough $10 shareware GPG extensions to compensate for not locking in 20 years of patent protection (and the $20,000 to patent it)?" While the claims made by the submittor have yet to withstand the crucial test of time (and prying eyes), if you had developed a new form of encryption, what would you do?

25 of 789 comments (clear)

  1. Easy. by superdan2k · · Score: 5, Insightful
    1. Patent it. Period.
    2. Allow it to be used freely by open source programs. License it to commercial companies that stand to make money.
    3. ...
    4. Profit.
    --
    blog |
    1. Re:Easy. by Lokni · · Score: 5, Insightful

      I definitely agree with the above poster on 1, 2 ,4. As far as coming up with the $20,000, find a lawyer that will draw up a rock solid non disclosure agreement and then shop it around to rich businessmen and patent lawyers after you get a signed NDA.

    2. Re:Easy. by blibbleblobble · · Score: 5, Insightful

      Hang on a sec... this guy says he has a revolutionary new encryption algorithm that's as secure as a one-time pad? Now, even for people who don't have the first clue about cryptography*, that sounds like the inventor needs a breath of fresh air and a healthy dose of reality, never mind a patent lawyer.

      Hint: Encryption systems only become revolutionary after they've been in the public domain for 5-10 years. Even then, they won't get used if there's a patent attached.

      One-time pad? Bull. Crypto inventions come at a rate of one every 5 years, and the next one due is quantum cryptography. Think the idea is so smart it's better than quantum? Even claiming it's comparable to elliptic-curve crypto is one hell of a claim, and not something to be believed until it's published in a journal. Several times. And reviewed by people we've heard of. Even then, we won't believe it's unbreakable until the inventor has been imprisoned by the FBI for publishing it.

      Nevermind the patent issue: there's a common-sense issue to be solved first. Thousands of crackpots a year come up with unbreakable [by them] encryption; having a patent doesn't make it any less snake-oil.

      *Clues to be found in:
      Book: Applied cryptography
      Book: Secrets and Lies
      Article: Phil Zimmerman's writings on the PGP page
      Helpfile: PGP helpfile

    3. Re:Easy. by JonTurner · · Score: 5, Insightful
      And then what? "Rock solid" legal agreements don't mean shit unless you have the money to take then to court if they violate the terms or even outright steal the idea. That they did it isn't enough. You have to PROVE it in court, and that takes $$$. Are you prepared for the appeals, motions for discovery, and dozens of other motions filed that are designed to tie you up and run up your legal bills? And even if you do win a decision you have to collect which is another matter entirely.
      A bunch of words on paper isn't going to do much good for someone who may have trouble scraping together the $20,000 for the patent work, the $100,000+++ needed to sue a large corporation with a fleet of slick attorneys is going to be difficult to find.

      Don't just do something, stand there!

    4. Re:Easy. by jovlinger · · Score: 5, Insightful

      I think schneier was the one to point out that we are all able to invent ciphers that we can't break ourselves. The good ciphers are the ones that can't be broken by others.

    5. Re:Easy. by Bagheera · · Score: 5, Insightful

      Looks like you've hit this one on the head. Crypto is a very conservative world and people don't adopt new algorythms untill they've been analyzed to death. Being unwilling to publish it makes me suspecious right from the start. Once it's published he'll at least have copyright protection and can worry about the patent later.

      We won't go into professional cryptologists opinions of amatures with "new and revolutionary ideas." (But some of the threads in the USENET crypto groups can be very enlightening on that count)

      To answer his specific question, I would say NO. Unless he plans to use some form of free license, there are far too many good, unencumbered, crypto systems out there already for it to be worth it to add yet another patented one. At least for implementations at the application level. If there's going to be money in it, it'll be made from a good implementation of the system.

      --
      Never attribute to malice what can as easily be the result of incompetence...
    6. Re:Easy. by j7953 · · Score: 5, Insightful
      Being unwilling to publish it makes me suspecious right from the start.

      Huh? A patent is a method of publishing your invention, in fact, that is (or used to be) one of the points of the patent system: to make it profitable for people to share their inventions instead of keeping them secret. The idea of patents is, as your constitution puts it, "to promote the progress of science."

      Of course, this doesn't work if patents are granted on solutions that are obvious once you know the problem, but that is not the case here. (Assuming the cryptographic algorithm actually works, it is likely that it was not obvious.)

      Remember that RSA is a very successful cryptographic technology, despite being protected by a (now expired) patent.

      --
      Sig (appended to the end of comments I post, 54 chars)
  2. If you want to make money, patent it by hpa · · Score: 5, Insightful

    ... patent it, *then* you can figure out what business model you want to use.

    Note, however, that the claims made by the submittor is basically a laundry list of the kinds of claims that makes seasoned cryptographers go "oh no, not again."

    1. Re:If you want to make money, patent it by markk · · Score: 5, Insightful

      I would reinforce this comment - the claims in the original submission are invalid on the face of it in the real world. There is no plaintext attack on a real 'otp' with enough randomness in the key since the key is used only once.
      To all of the people with new cryptosystems - with all due respect - we now have really good, well understood cyphering methods up to a level where the failure in security won't be from the method of encryption. Key exchange could be improved, but actual symmetric cypher methods aren't going to revolutionize things anymore. We can always use better, and people will continue to look for flaws (as in Rijndael) but none of this is big time.

    2. Re:If you want to make money, patent it by aero6dof · · Score: 5, Insightful

      The corollary to this advice would be to hire a lawyer to write an NDA and hire an competent, independent cryptographer under that NDA to advise you about the novelty of your encryption approach. This will give you an idea of its worth pursuing the patent. I would think that you should explore not only the encryption algorithm, but the physical key-management apparatus that you're envisioning.

    3. Re:If you want to make money, patent it by coyote-san · · Score: 5, Insightful

      Or we can save him the effort and tell him what his "revolutionary" idea is, thus simultaneously providing proof of prior art (making the patent question moot) and that he needs to spend more time studying cryptology before his next big idea.

      The fact that he says it's "multiple use" and that it requires a "digital key" suggests that he's using the key as the seed for some crypto PRNG (e.g., you recursively encrypt your salt with your key as the password, then pull out some of the bytes to create your OTP. Put the random salt as the first few bytes of the cipher text and voila, instant multiuse OTPs. Not weak (not if you use a good crypto PRNG), but hardly an original thought that would not occur to the casual practitioner of
      the science.

      (There's also the pesky fact that most experts would consider this approach foolhardy. If you have a decent encryption routine, use it to encrypt the data directly. Crypto PRNGs are believed to be strong, but I don't know if this has been formally studied. There would well be an emergent property in the implementation that makes the PRNG highly predictable.)

      A refinement would involve recognizing that DSA keys actually have a 'generator' attribute, and you could use that to map your salt to a seemingly random sequence of values. It should be much more efficient than the recursive crypto approach, but again is hardly original since the very reason that these keys include generators is that they're used to efficiently generate ephemeral session keys via the same property.

      --
      For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
  3. Feed the Family by syrupMatt · · Score: 5, Insightful

    Fact is, if i need money, then liscense it to a company who will do the dirty work for me and live off the proceeds. If it is, in fact, a brilliant discovery, you should fight for provisions which will ensure some amount of open review.

    Not everyone who comes up with such a proven idea is a software developer, and they may not be able to live off of creating cutting edge software or maintaining said software for a living. The bazaar method doesn't apply to theory.

    --
    "Moving through the masses like a fish through water." syrup
  4. Hehehehe by tomstdenis · · Score: 5, Insightful

    Ten bucks says five mins after he publishes it it will get broken.

    "many-time" otp are quite nonsense. See the problem is people think that good ciphers can have security approaching the OTP. The OTP is an absolutely different type of security.

    For instance, *no* ammount of time is sufficient to break an OTP without the key. Whereas a block cipher can be broken at least in theory.

    I'd suggest to the original poster that he try to get his design published. When it gets horribly broken it will serve as a learning experience as how "not" to approach science.

    Tom

    --
    Someday, I'll have a real sig.
    1. Re:Hehehehe by X-rated+Ouroboros · · Score: 5, Insightful

      Indeed.

      I seriously doubt the guy has looked at this from all angles or considered how it would be implemented digitally. Some ideas that seem really good on paper break down when you get to the nuts and bolts of how to do it with bits and bytes. Considering the guy's tendency to throw around OTP and, gag, "many-time pad," I don't see a lot of familarity with the way these terms are percieved by the lay crypto.

      Still, if he's got that much faith in it, patent it, or write it up and copyright the description (not really ironclad, but it could get a settlement if OmniCorp steals the idea). I think the only reason the guy is asking about rather than just doing it is because he fully expects it to be broken shortly after going public and all the costs of filing a patent going to waste.

      Considering he says it's invulnerable to known plaintext attack he could post some plaintext and ciphertext for people to whack at for a while. It might just be security through obscurity if no one breaks it, but it could also illustrate that while he's so busy looking at ways to break the algorithm he's too close to see he's taking the long route around a much more straightforward (and trivial) transform.

      Posting ciphertext and plaintext and inviting people to attack it should keep the encryption method safe if it's as secure as he thinks it is. If some reverse engineers the algorithm (or an equivalent) it will show it wasn't worth patenting in the first place (or that it's already been patented).

      --
      Simple Machines in Higher Dimensions
  5. Your first job: Air it out to the crypto community by Faggot · · Score: 5, Insightful

    It's heartwarming that you've invented a new form of crypto. However, before anyone takes it seriously, you're going to have to reveal it to the cryptographic community. "Many eyes make bugs shallow" as they say, and in few places is this more important than in crypto. An algorithm you've looked at 10000 times may have a logical error you've never caught, that would be glaring to a knowledgable pair of fresh eyes.

    Plus no self-respecting paranoid freak is ever going to use a new cipher that hasn't had any time in the spotlight. Release it to the field and ask for comments.

    --

    But what do I know. I'm just looking for anonymous gay sex.

  6. 99.9 percent sure by PD · · Score: 5, Insightful

    That this invention is a bunch of crap. Most likely scenario: inventor releases a press release that gets widely reported and the most secure thing ever invented. Claims like "unbreakable" and "proven secure" and "many time pad" will be thrown around freely.

    And then someone with a decoder ring will crack that puppy wide open.

    Yawn. Snake oil.

    --
    If tits were wings it'd be flying around.
  7. Re:Do Nothing by Anonymous Coward · · Score: 5, Insightful

    Security Through Obscurity Does Not Work. Period.

  8. Is it worth patenting? by TheSync · · Score: 5, Insightful

    Patenting something (properly) will cost thousands of dollars and will require a patent lawyer.

    The US is a first-to-invent not a first-to-patent country, so make sure you have a hardcopy of your invention description dated and notarized.

    Then let some Net crypto people beat on your idea, make sure you say "Patent Pending."

    If it holds up, you should easily be able to raise the money to get it patented properly. (Actually, if so, email me, I may know a few investors)

    Judging from your description, I'd say your invention has a high probability of not truly doing what you think it does. Developing novel and useful cryptographic technology is a rare occurance, generally done by people who have a ton of experience in the area. No point in wasting money if it won't stand up to 30 minutes in sci.crypt

  9. Mathematically impossible by Lord+Greyhawk · · Score: 5, Insightful

    My invention improves upon the 80 year old One-Time Pad encryption turning it into a 'Many-Time Pad'.

    Information theory proves that the One-Time Pad (OTP) is optimal - it cannot be improved.

    The advantages are proof (i.e. unbreakable) against brute force attacks and known-plaintext attacks (unlike the OTP).

    The OTP has no known-plaintext vulnerability. By submitting even a chosen plaintext to be encrypted, and studying the encrypted message, you only learn the piece of the One-Time pad used on your own content. It does not help you break any other part of any other message.

    The only way to break a OTP is to get a copy the pad or by breaking the random number generator used to create the pad.

    This post's claim is the usual nonsense. So patent it if you wish - release it if you wish - I doubt anyone will find it usable.

    1. Re:Mathematically impossible by AnotherBlackHat · · Score: 5, Insightful
      My invention improves upon the 80 year old One-Time Pad encryption turning it into a 'Many-Time Pad'.

      Information theory proves that the One-Time Pad (OTP) is optimal - it cannot be improved.


      Sorry, I can't let that one pass -
      Information theory doesn't prove anything of the sort.
      OTP are provably unbreakable in one, limited sense.
      There's plenty of room for improvement in all the other senses however.


      The OTP has no known-plaintext vulnerability.

      Not true.
      The traditional XOR - OTP is vulnerable to a man-in-the-middle active change attack.
      Picture a bank deposit protected with an XOR OTP.
      The MitM XORs the account number of the victim with (victim's account number ^ MitM's account number)

      This post's claim is the usual nonsense.

      At least we agree on something.

      - this is not a .sig
  10. Here's a quote... by Bald+Wookie · · Score: 5, Insightful

    It is impossible to make money selling a cryptographic algorithm. It's difficult, but not impossible, to make money selling a cryptographic protocol.

    Who said it? Bruce Schneier, one of the current gurus of crypto. Where did he say it? Here on Slashdot

    The whole article is worth a read.

    My perspective is that I seriously doubt your claims. Until there is strong peer review of your entire cryptosystem from top to bottom, I won't touch it. Unless it solves some problem with other cryptosystems already in use, the market won't touch it. If you can these two objections then you might have a shot at some money. Otherwise...

  11. Don't be too sure of yourself by Erbo · · Score: 5, Insightful
    I suggest you begin by reading this, and maybe also this, both by Bruce Schneier, one of the foremost experts in cryptography and computer security today. Then re-evaluate your expectations about the potential success of your new algorithm, because it's possible you're deluding yourself.

    I'm sorry to burst your bubble, but there have been a lot of great mathematicians and cryptographers that have tried to design good, secure algorithms over the past few decades. Very few have actually managed to create algorithms that'll stand up under analysis. You may think you've done so, but it's going to take a lot to convince everyone of that.

    --
    Be who you are...and be it in style!
  12. My advice - give it away for free by vlad_petric · · Score: 5, Insightful
    IMHO it is much better to become renowned and not make money out of it than waste your money on a patent and get zero return.

    The chances of making money out of a patent are slim. Moreover, the cryptography market is "canibalized" - even if your system is, as you claim, a lot better than the existing techniques, most people will still use something that stood the test of time (e.g. RSA, which has become free)

    Anyway, the US Patent system allows you to publish your idea one year before you file for a patent. Get some peer reviews (a proof is simply not a proof if kept secret) before embarking on a patent adventure.

    --

    The Raven

  13. Just tear it up and throw it away.... by autopr0n · · Score: 5, Insightful

    I seriously doubt you've found anything substantial that some of the worlds greatest mathematical minds just sort of 'passed over'. I mean, seriously. It's been proven that the only secure encryption technique is OTP. You could no more have come up with something more secure then I could add 2 + 2 and end up with 64,000.

    Finally, you can actually both "give it to the world" and "make money". In fact, the whole point of the patent system is to get people to give out their secrets by granting them a limited monopoly.

    If you really have something worth while, you can simply license you're concepts for general use. Public Key crypto has been patented for 30 years (almost expired) but it's used everywhere and has been a great boon to secure communications. Why? Because the authors licensed it for reasonable rates and allowed it to be used for free.

    Patents only cost about $700, and once you get one it's yours for the next N years (or whatever, not sure about the exact number of years, it may be different in different fields). You can still let people use it for N-1 years and then try to get money out of it in year N (see the Unisys GIF patent). Patents aren't like trademarks where you have to keep policing them or you lose them, despite what morons on Slashdot (such as Hemos, even... btw whatever happened to him?) seem to believe.

    One other thing:

    The advantages are proof (i.e. unbreakable) against brute force attacks and known-plaintext attacks (unlike the OTP).

    If I'm reading this right, you seem to think OTP is susceptible to brute force attacks. If this is true, you basically know jack about encryption.

    --
    autopr0n is like, down and stuff.
  14. No Lawyers/Rich Businessmen Required by Johnboi+Waltune · · Score: 5, Insightful

    Just go to the bank you do business with and get a $20,000 loan. If you have a decent credit rating, it should be no problem at all. You could also take out a loan against your 401(k), or even a home equity loan. Rates are great right now. The point is, there's no reason to involve a third party who has an interest in your invention, just to get the funds to patent it.

    --
    "The advanced societies of the future will be driven by competing systems of psychopathology." -JG Ballard