[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: patent issues on keyed MD5?



> From: smb@research.att.com
> Folks, we may have a patent issue to contend with.  Novell was recently
> issued U.S. patent number 5,349,642 (my thanks to Tim Farley for posting
> this information to alt.security and comp.security.misc); it appears to
> cover the notion of message authentication via a key cryptographic hash
> function.  The patent was filed on 11/03/1992 and issued on 9/20/1994.
>
What?!?!?

Well, PPP had "published" draft work (CHAP) using a keyed cryptographic
hash function for authentication in 1991.  It was in design review for a
year, and published as a Proposed Standard in October 1992.

And that was based on the Telebit NetBlazer, which was shipping product
in 1991.

And that was based on work in IBM's SNA and Sytek's Poloneous, and Dave
Kaufman's masters thesis work (a form of publication) at UCLA in 1976,
and other work by Frank Heinrich and Karl Auerbach at SDC.

Time to look at the fraud statutes as applied to bogus patent applications.

Bill.Simpson@um.cc.umich.edu