[Cryptography Team] ECC and/or NSA Suite B?

Cerebus cerebus2 at gmail.com
Fri Nov 24 19:36:25 UTC 2006 

Certicom also holds patents on a number of ECC things (like almost all
of ECMQV and things like point compression).  NSA has licensed
Certicom's ECC patents en masse for anything done on US Gov't
contract.

There's a patent letter on the SECG website:

http://www.secg.org/

Part of the problem right now is that ECC work is a bit divided, which
has made standardization a bit of a pain.

-- Tim

On 11/24/06, Ron Teitelbaum <Ron at usmedrec.com> wrote:
> Forgot the link:
> http://www.sun.com/emrkt/innercircle/newsletter/0304cto.html
>
> Ron
>
> > -----Original Message-----
> > From: Ron Teitelbaum [mailto:Ron at USMedRec.com]
> > Sent: Friday, November 24, 2006 2:25 PM
> > To: 'Cryptography Team Development List'
> > Subject: RE: [Cryptography Team] ECC and/or NSA Suite B?
> >
> > I'm not sure I understand this since SUN released ECC to the public
> > domain.  I'll get an opinion on it:
> >
> > > -----Original Message-----
> > > From: cryptography-bounces at lists.squeakfoundation.org
> > > [mailto:cryptography-bounces at lists.squeakfoundation.org] On Behalf Of
> > > Matthew S. Hamrick
> > > Sent: Friday, November 24, 2006 2:07 PM
> > > To: Cryptography Team Development List
> > > Subject: Re: [Cryptography Team] ECC and/or NSA Suite B?
> > >
> > > Keep in mind, however, that products violate patent restrictions, not
> > > implementations. Otherwise OpenSSL would not be able to include IDEA,
> > > MDC2 or RC5.
> > >
> > > With all the discussion of FIPS 140, I had assumed that most everyone
> > > on the list is working on government contracts. Otherwise, why bother
> > > with it?
> > >
> > > The NSA negotiated a blanket US Federal Government deal for
> > > Certicom's patent portfolio for use in ECDSA, ECDH and ECMQV. So...
> > > if you're a federal government agency, you get to use these
> > > algorithms without having to pay Certicom anything extra. So... if
> > > part of what you're hoping to do is to create an ECC implementation
> > > that can be used by a federal agency, then you can do so without fear
> > > of the Certicom lawyers. Now... the moment the implementation gets
> > > used in a commercial product, then you've got issues.
> > >
> > > On Nov 23, 2006, at 10:24 PM, Cerebus wrote:
> > >
> > > > Is anyone working on Suite B stuff?
> > > >
> > > > Rijndael is there, but it probably should be subclassed as AES proper
> > > > if only to lock down the blocksize to 128 bits and the keysize to the
> > > > allowed 128 & 256 bits.
> > > >
> > > > SHA256 is there, but it doesn't extent to cover the rest of the SHA2
> > > > family (SHA384 and SHA512).  SHA384 is part of Suite B.
> > > >
> > > > Is anyone working on ECDSA, ECDH & ECMQV?  (Well, given that ECMQV is
> > > > more heavily patent-encumbered in the US, I can understand if it's
> > > > left by the wayside).
> > > >
> > > > If not I might take a crack at a couple of pieces.
> > > >
> > > > -- Tim
> > > > _______________________________________________
> > > > Cryptography mailing list
> > > > Cryptography at lists.squeakfoundation.org
> > > > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/
> > > > cryptography
> > >
> > > _______________________________________________
> > > Cryptography mailing list
> > > Cryptography at lists.squeakfoundation.org
> > > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
>
>
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
>

More information about the Cryptography mailing list