[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Certicom IP Statement Regarding IKE

To: Chris.Stillson@sun.com
Subject: Re: Certicom IP Statement Regarding IKE
From: Russ Housley <housley@vigilsec.com>
Date: Fri, 06 Feb 2004 14:13:28 -0500
Cc: vincent.murphy@sun.com, ipsec@lists.tislabs.com
In-reply-to: <16419.53009.246021.788904@gargle.gargle.HOWL>
References: <5.2.0.9.2.20040206092203.0467c2f0@mail.binhost.com><5.2.0.9.2.20040204133321.04559b08@mail.binhost.com><5.2.0.9.2.20040206092203.0467c2f0@mail.binhost.com>
Sender: owner-ipsec@lists.tislabs.com

Chris:

>I didn't notice that. Yes they do make claim against 2409. Isn't it a
>bit late for them to do that? I can understand them having claims on
>ECC, but the modp stuff? How? The RFC is 6 1/2 years old.....

The IPsec WG did receive some warning in 1998!  It was in a discussion on 
ECC, but it is pretty clear.

         Some of the pending patents for secure implementations of public key
         technologies may also cover implementations of the current mandatory
         portions of IKE in IPsec.

The full note is below.

Russ


>From: "Paul Lambert" <plambert@certicom.com>
>To: ho@earth.hpc.org (Hilarie Orman)
>cc: kent@bbn.com, ipsec@tis.com
>Date: Mon, 20 Jul 1998 16:25:34 -0700
>Subject: Re: Patent & licence for IPSec ?
>
>
>Hilarie,
>
>I assume that your note below indicates that you personally do not have any
>patents filed or patents issued related to IPsec.
>
> >>   At this time are not aware of any intellectual property issues with the
> >>   base IPsec protocols and algorithms, or with IKE use of D-H.  Use of RSA
> >>   for certificate signatures, or use of ECC for key exchange does involve
> >>   patent issues.
> >
> >ECC over F[2^p] for DH key exchange does not infringe on intellectual
> >property.
> >
> >Hilarie
>
>
>Certicom has pending patents that cover secure and efficient
>implementations of Elliptic Curve Cryptography (ECC) over both F[2^m] and
>F[p].  Some of the pending patents for secure implementations of public key
>technologies may also cover implementations of the current mandatory
>portions of IKE in IPsec.
>
>A statement of our non-exclusive and nondiscriminatory patent licensing is
>available at:
>
>   http://grouper.ieee.org/groups/1363/letters/Certicom.txt
>
>The pending patents include some mechanisms to provide more efficient
>processing of ECC based on F[2^m] with "m" being composite.  Note that our
>cryptographic research group  invested considerable effort in composite
>techniques some years ago.  They are now only advocating the use of "m"
>prime based on security considerations.  Note that Certicom has more
>patents pending on F[2^m] with m composite than for F[2^m] prime.  As we
>have discussed on this list before, it is strongly recommended that the
>IPsec use of ECC not support composite 2^m, but rather use only prime 2^m
>curves.  This would provide much better security and would incorporate less
>potential IPR from Certicom
>
>
>Regards,
>
>Paul A. Lambert
>
>VP. Product Management
>Certicom Corporation
>San Mateo California
>+1-650-312-7996

References:
- Certicom IP Statement Regarding IKE
  - From: Russ Housley <housley@vigilsec.com>
- Re: Certicom IP Statement Regarding IKE
  - From: chris stillson <stillson@difilippo.sun.com>

Prev by Date: Re: Certicom IP Statement Regarding IKE
Next by Date: Re: SPD Syntax Example
Previous by thread: Re: Certicom IP Statement Regarding IKE
Next by thread: Re: Certicom IP Statement Regarding IKE
Index(es):
- Date
- Thread