[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Remove SHOULD for elliptic curve groups in IKEv2
"The Purple Streak (Hilarie Orman)" <ho@alum.mit.edu> writes:
> In my previous note about published work on using elliptic curve
> groups for cryptography, I did not mean to imply that existing
> patents are invalid. What I meant to say is that the patents do
> not cover the basic algorithms, nor do they cover all good
> implementation methods. There is plenty of early published
> work covering the ideas. It's not nearly as all-encompassing
> as the RSA or DH patent situation was.
Nevertheless, a lot of us find the situation very confusing,
because there seem to be a lot of patents of various sorts
flying around.
What I think would be very helpful here would be if someone
(you?) wrote a draft describing a single algorithm with:
(1) A description of its patent status (hopefully, with
some reference to the techniques having been published
prior to patents being filed).
(2) Some estimate of its security properties (e.g. an estimate
of strength.)
(3) Some description of (unencumbered) implementation techniques
along with performance numbers for those techniques,
perhaps with comparisons to RSA.
-Ekr
--
[Eric Rescorla ekr@rtfm.com]
http://www.rtfm.com/