Inventors of RSA win Turing Award

Frisky070802 writes "The NY Times has an article on how Rivest, Shamir, and Adleman (the inventors of the eponymous RSA public-key encryption algorithm) have won the ACM's Turing award for contributions to computer science. You mean they didn't win already?"

Didn't Win Already

[Euphonious+Coward]

The patent only just expired.

Re:Didn't Win Already

[Frisky070802]

The patent only just expired.

What does that have to do with winning the award?

Re:Didn't Win Already

[Euphonious+Coward]

The patent just expired, so it is now possible to incorporate the result in further scientific work, as per the scientific tradition, without involving the lawyers. Only now is it appropriate to treat the development as a pure scientific achievement.

Re:Didn't Win Already

are you fucking kidding?!?!?

Re:Didn't Win Already

your fat fucking mother is a pure scientific achievement. cunt.

What??

[orthogonal]

Inventors of RSA win Turing Award

So, like, the ACM committee talked to Rivest, Shamir, and Adleman over a teletypewriter and were convinced that all three were human?

Or does this mean that each of the three are, at any one time, in only of of a finite number of possible states, and can compute any computable function with their (poissibly infinite length) tapes?

They already won through patent 'royaltees'

[Anadalucia]

Through some nifty back door dealings, the patented RSA algorithm made it into standard and mission critical Internet protocols like SSL. (RSA let Netscape use the RSA algorithm in return for stock in Netscape. Who knows what deal they had with Microsoft to do the same. It was in the best interest of both Netscape and Microsoft to use RSA and not support any of the free alternatives such as DSA because it meant other companies couldn't get into the secure web serving business without a substantial cash investment to the RSA corp. RSA eventually became Verisign and/or Network Solutions.)

Meanwhile, Verisign made a killing off charging an arm and a leg for SSL certificates. In order to support a wide variety of browsers, you needed to support the oldest certificates, and Verisign, a division of RSA, created both the need and the solution for themselves.

I agree that RSA was a wonderful creation. The fact that it was patented, and that these sly companies were able to abuse that for millions upon millions of dollars was a horrible shame in contrast.

Anyone know what day-to-day involvment R. S. and A. had in the companies that profited from their algorithm?

And any chance that Diffie/Helman or other luminaries will be recognized for their similar contributions to the field? Contributions that were not as recognized because they made their discoveries available to all?

Re:They already won through patent 'royaltees'

[WickerChap]

Not belittling the achievements of R, S and A, Clifford Cocks discovered exactly the same mechanism for assymetrical encryption in his lunchbreak while working for GCHQ, predating the collective works of RSA by a good number of years. It was only the lack of foresight of GCHQ management that prevented them from capitalising from the discovery (that and patenting algorithms was unthought of then)

--

Re:They already won through patent 'royaltees'

[Blaine+Hilton]

They probably didn't see an extra dime and the so-called "upper level management" is milking it for all its worth. Notice how you can't recall their names off the top of your head?

Verisign also had a good deal with domain names and they still charge outrageous prices on them.

Re:They already won through patent 'royaltees'

Actually, I've worked on my thesis under both S and A in RSA, and I can tell you that they don't really like what has happened to their purely-scientific patent.

Stop the presses!

[rjh]

I have found a truly remarkable proof that RSA is insecure, but the margin of this comment is too small to contain it.

( ... with a nod-of-the-head to Fermat and Wiles.)

Why?

[Daleks]

Someone named Gibbs figured this out years earlier, but he worked at the NSA and couldn't tell anyone for a long time.

Re:Why?

[cassidyc]

Actually some guys in Britain sussed it out before Messurs R S and A, but again were sworn to secrecy (working for GCHQ or equiv). I recommend The Code Book by Simon Singh as a more reliable source than my memory.

CJC

What about Koblitz and Miller?

[vorwerk]

I've always found it interesting that RSA is so hyped, and elliptic curve cryptography (ECC) -- introduced independently by Koblitz and Miller in 1986 -- has received so little attention.

Basically, with a 160 bit key, ECC achieves the same level of security as 1024 bit RSA. (Another example: a 591 bit ECC key is said to possess the same security as 15000+ bit RSA. Hyperelliptic curves may achieve comparable security in even smaller keys, but they remain mostly theoretical due to poor performance and questionable security relative to elliptic curves.) And, because the keys are so much smaller -- and there are efficient techniques for scalar point multiplication over a Galois Field -- ECC tends to offer incredibly good performance.

Unfortunately, the general adoption of ECC just isn't there in the same way as RSA. Mind you, there has been some recent research in which ECC was implemented in OpenSSL (0.9.6b), but I don't think that the SSL 3.0 protocol has been extended to support it yet. Also, there is a tremendous amount of research continuing in this field to improve ECC performance (not just in software, but in elliptic curve processors for smart cards, for instance). And, of course, ANSI, IEEE, and NIST FIPS 180-2 standards are working their way thru the pipes.

But still ... for an idea that's been around for more than 15 years, and which has made a lot of inroads in academia, it sure hasn't gone too far in industry (Certicom and Motorola being two notable exceptions).

Re:What about Koblitz and Miller?

AFAIK each and every elliptic curve algorithm is patended in US and I am glad that they are not widely used. Patended RSA was enough. Petrhaps in 5-10 years when the patents expires?

Re:What about Koblitz and Miller?

While I agree that ECC is a great invention, and that it is perhaps underappreciated, I can't say that Koblitz and Miller should receive the Turing Award for their contributions.

RSA was a greater contribution to cryptography and computer science for a couple of reasons:

First of all, it was the first full-fledged public-key cryptosystem that was capable of both encryption AND digital signatures. Encryption was workable (ElGamal-style variants of the Diffie-Hellman algorithm were around, and ill-fated knapsack systems hadn't been broken)-- but "a method for obtaining digital signatures" hadn't been found yet.

Secondly, while ECC is relatively simple (compared to some other systems out there), RSA is simpler. Part of the reason RSA is so trusted has to do with its simplicity-- most folks with a good idea of math can grasp the ideas behind RSA in no time flat. Hell, RSA is covered in most introductory number theory classes these days. This makes implementation and optimization a lot easier for most folks, even if the end result is a little slower.

On the subject of simplicity, consider that RSA's simplicity has also invited a LOT more analysis than elliptic curves. While I'll grant that EC algorithms have had lots of analysis, it's nowhere near as much as RSA. The more analysis an algorithm withstands, the more trust crypto gurus usually place in it.

That said, it's quite possible that EC algorithms aren't getting a fair shake. There's a great deal of research in the field, and the confidence level among those in the know is high. The performance is good. The only thing really holding ECC back now is the patent issue-- consider that GPG and OpenSSH shipped without RSA support in the U.S. until the patent expired. That's probably going to happen with OS and ECC.

eponymous

Gee, someone has a subscription to the "word-a-day" mailing list.

Re:eponymous

[Frisky070802]

Gee, someone has a subscription to the "word-a-day" mailing list.

Hah! If I got to moderate your snipe, it definitely gets points for humor, even if I was the victim of your insult.

Actually, I've read the word in various columns and such, and this is the only time it seemed right to use it :)

And what's the address to subscribe to that list...?

Re:eponymous

Gee, someone has a subscription to the "word-a-day" mailing list.

It's just a word, appropriate to the context. Don't assume that because your vocabulary is limited and four syllables seems like too much, that everyone else has the same problem.

Re:eponymous

[Frisky070802]

You're right of course, but the comment was true to form for Slashdot, and it completely cracked me up. If I didn't take (too much) offense, I'm impressed that you would.

Hate NY Times? Here ya go

[Surye]

Computer Science Prize to Honor 3 Forerunners of Internet Security By JOHN MARKOFF he Association of Computing Machinery plans to announce today that Ronald L. Rivest, Adi Shamir and Leonard M. Adleman will receive the 2002 A. M. Turing Award for their development work in public-key cryptography. The award, which carries a $100,000 prize financed by the Intel Corporation, is given annually to leading researchers in the field of computer science. Working at the Massachusetts Institute of Technology in 1977, the three men developed the RSA algorithm, which is widely used today as a basic mechanism for secure Internet transactions, as well as in the banking and credit card industries. What's new? The strength of this approach is that it provides highly secure communications over distances between parties that have never previously been in contact. Dr. Rivest now teaches in the electrical engineering and computer science department at M.I.T. Dr. Shamir is a professor in the applied mathematics department at the Weizmann Institute of Science in Israel. Dr. Adleman is a professor of computer science and of molecular biology at the University of Southern California.

Re:Hate NY Times? Here ya go

[Frisky070802]

Karma: Negitive (mostly affected by bad, overrated sig jokes)

Gee, and I thought it was because of copyright violations, or perhaps bad spelling.

Re:Hate NY Times? Here ya go

[Surye]

o.0 Copyright violations? I didn't know... And yes, I admit my spelling is horrible.

Re:Hate NY Times? Here ya go[Better Formatting]

[Surye]

Computer Science Prize to Honor 3 Forerunners of Internet Security
By JOHN MARKOFF

he Association of Computing Machinery plans to announce today that Ronald L. Rivest, Adi Shamir and Leonard M. Adleman will receive the 2002 A. M. Turing Award for their development work in public-key cryptography.

The award, which carries a $100,000 prize financed by the Intel Corporation, is given annually to leading researchers in the field of computer science.

Working at the Massachusetts Institute of Technology in 1977, the three men developed the RSA algorithm, which is widely used today as a basic mechanism for secure Internet transactions, as well as in the banking and credit card industries.

What's new?

The strength of this approach is that it provides highly secure communications over distances between parties that have never previously been in contact.

Dr. Rivest now teaches in the electrical engineering and computer science department at M.I.T.

Dr. Shamir is a professor in the applied mathematics department at the Weizmann Institute of Science in Israel.

Dr. Adleman is a professor of computer science and of molecular biology at the University of Southern California.