[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
patent issues on keyed MD5?
Folks, we may have a patent issue to contend with. Novell was recently
issued U.S. patent number 5,349,642 (my thanks to Tim Farley for posting
this information to alt.security and comp.security.misc); it appears to
cover the notion of message authentication via a key cryptographic hash
function. The patent was filed on 11/03/1992 and issued on 9/20/1994.
There may be a question of priority. Tsudik's paper describing keyed
hash functions was presented at a conference in May 1992, according to
the Postscript copy I have. But I don't know who came up with the idea
first, and the U.S. is a first-to-invent country. Nor do I know when
the notion was first used for NTP or SNMP authentication.
--Steve Bellovin
P.S. The patent text is in
http://www.town.hall.org/Archives/patent/data2/05349/05349642
Follow-Ups: