Info-PGP: PGP Digest Wednesday 16 December 1992 Volume 2 : Number 4
Hugh Miller, List Manager / Moderator
Info-PGP is a digested mailing list dedicated to discussion of Philip
Zimmermann's `Pretty Good Privacy' (PGP) public-key encryption program for
MS-DOS, Unix, VMS, Atari, Amiga, SPARC, Macintosh, and (hopefully) other
operating systems. It is primarily intended for users on Internet sites
without access to the `alt.security.pgp' newsgroup. Most submissions to
alt.security.pgp will be saved to Info-PGP, as well as occasional relevant
articles from sci.crypt or other newsgroups. Info-PGP will also contain
mailings directed to the list address.
To SUBSCRIBE to Info-PGP, please send a (polite) note to
info-pgp-request@lucpul.it.luc.edu. This is not a mailserver; there is a
human being on the other end, and bodiless messages with "Subject:" lines
reading "SUBSCRIBE INFO-PGP" will be ignored until the sender develops
manners. To SUBMIT material for posting to Info-PGP, please mail to
info-pgp@lucpul.it.luc.edu. In both cases, PLEASE include your name and
Internet "From:" address. Submissions will be posted pretty well as received,
although the list maintainer / moderator reserves the right to omit redundant
messages, trim bloated headers & .sigs, and other such minor piffle. I will
not be able to acknowledge submissions, nor, I regret, will I be able to pass
posts on to alt.security.pgp for those whose sites lack access.
Due to U.S. export restrictions on cryptographic software, I regret that I
cannot include postings containing actual source code (or compiled binaries)
of same. For the time being at least I am including patches under the same
ukase. I regret having to do this, but the law, howbeit unjust, is the law.
If a European reader would like to handle that end of things, perhaps run a
"Info-PGP-Code" digest or somesuch, maybe this little problem could be worked
around.
I have received a promise of some space on an anonymous-ftp'able Internet
site for back issues of Info-PGP Digest. Full details as soon as they firm
up.
Oh, yes: ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; STANDARD
DISCLAIMERS APPLY.
Hugh Miller | Asst. Prof. of Philosophy | Loyola University Chicago
FAX: 312-508-2292 | Voice: 312-508-2727 | hmiller@lucpul.it.luc.edu
Signed PGP v.2.1 public key certificate available by e-mail & finger(1)
=-=-=-=-=-=
Newsgroups: alt.security.pgp
From: ntomczak@vega.math.ualberta.ca (N Tomczak-Jaegermann)
Subject: Re: pgp2.1 signed announcement botched by usenet?
Date: Sun, 13 Dec 1992 21:25:42 GMT
ujacampbe@memstvx1.memst.edu (James Campbell) writes:
>Sorry, USENET ain't the culprit; Procomm Plus and I were. Unbeknownst to me
>(but knownst to everyone in alt.privacy), Procomm's ASCII Upload feature was
>secretly adding an ASCII 32 to each blank line in the post.
You should have make your message to go through some VM mailer. It would
strip for you all trailing blanks (and possibly would perform some other
more-or-less-subtle modifications on your message) and everything would
be hunky-dory. You wouldn't be so happy if you would expect these
trailing blanks to be still there on arrival but you cannot have it both
ways. :-) Actually you touched a real problem. Various mailers are
known to take liberties with a contents of passing through messages
and more often than not you do not have a control over how your message
was routed. Uuencoded stuff is not guaranteed to pass unmolested
although most people are lucky most of the times.
Michal Jaegermann
ntomczak@vega.math.ualberta.ca
=-=-=-=-=-=
Newsgroups: sci.crypt
From: warlord@MIT.EDU (Derek Atkins)
Subject: Re: PGP 2.0 help please
Date: Sun, 13 Dec 1992 16:01:05 GMT
In article <1geiggINN7tv@agate.berkeley.edu> bing@zinc.cchem.berkeley.edu (Bing Ho) writes:
I realize that I can use somebody's public key and encrypt a message
to him, but what if I am say the president of a corporation and
wish to encrypt a sensitive memo to all managers. Would I have to
encrypt the file however times I have managers, each to his or her
own key, or could I create a "list" of recipients?
PGP 2.0 does not have this functionality (It was one of the first
things I noticed back in September). In fact, PGP 2.1, which I highly
recommend you pick up, doesn't have it either. HOWEVER, PGP 2.2
*WILL* have it. I don't know when 2.2 will be released, however I'm
sure that it will be in that release.
So, to answer your question, given PGP 2.0 or 2.1, you have the
encrypt the file once for each recipient, instead of creating a single
cryptofile that you can send to everyone. I hope this answers your
question.
I'm sorry if this is in the documentation, but I wasn't really able
to elucidate it.
No, You didn't miss anything.
Thanks for any help.
No problem!
-derek
--
Derek Atkins -- MIT '93 -- Electrical Engineering
--warlord@MIT.EDU | ..!mit-eddie!mit-athena!warlord | s20069@mitvma.bitnet
Chairman, MIT Student Information Processing Board (SIPB)
MIT Media Laboratory, Speech Research Group
=-=-=-=-=-=
Newsgroups: sci.crypt
From: gerben@rna.indiv.nluug.nl
Subject: Re: PKP/RSA comments on PGP legality
Date: Sun, 13 Dec 1992 15:31:44 GMT
Hopefully, the US Congress will ban software patents altogether *), making
political issues like the legality of using a cypher at all the only question left.
*) Not much hope, since the text of the GATT treaty does not offer the possibility
to exclude *anything* from patentability (except in the case of national
emergencies).
--
Gerben Wierda Tel. (+31) 35 833539
"If you don't know where you are going, any road will take you there."
From the Talmud(?), rephrased in Lewis Carroll, "Alice in Wonderland".
=-=-=-=-=-=
Newsgroups: alt.security.pgp
From: norstar@tnl.com (Daniel Ray)
Subject: Re: PGP v. 2.1 Released
Date: Sun, 13 Dec 1992 20:08:07 GMT
In article <1992Dec10.185107.10925@netcom.com>, strnlght@netcom.com (David Sternlight) writes:
>
>I have mixed feelings about Uri's message.
>
>Until the legal status is resolved, one might wish to get rid of the
>PGP "tags" which are overt confirmation that one is using a public key
>system. On the other hand, I disagree in the sense that if unlicensed
>use of public key systems REALLY IS a violation of law (not "is
>asserted to be by PKP")--for example after a court case--then his
>suggestions is tantamount to publicly advocating the concealing of a
>legal violation, which I cannot support.
>
what are you...nuts? I person either does or does not commit an illegal
act. but, if one DOES choose the hard road of committing an illegal act,
it is best to commit it whole-heartedly...i.e. let all actions conform to
the decision. To commit the act, and then slit your own throat by NOT
CONCEILING IT, is the suicide it seems to be. If you are going to betray
yourself like that, better to choose to not commit the illegal act.
You, personally, may not "publicly advocate" conceiling an illegal act,
but it is obvious that one should and must do this if one commits a crime.
>If one feels PKP is over-broad in their claims, the way to deal with
>this is by direct resolution. If one feels PKP is legally on firm ground
>but thinks there "shouldn't be" patent protection for software, or some
>such, again the way to deal with this is by trying to get the law changed.
>I'm not one who supports illegal acts in the face of what one thinks
>is unfairness.
what's this..."unfairness"?? what if unfair is defined as targetting you
personally and stamping you out through a new law? the people who think they
are above the fray often find that, after time, things change...
>Finally, I trust the police and intelligence agencies of our
>government. They are not a bunch of fascists out to get the innocent,
>as some messages sometimes imply, but hard-working fellow-Americans
>trying to do a very difficult job. Yes, there have been, and may
yes, the intelligence community is really "just a bunch of people". I agree.
but as such, they may or may not still choose to start a war with you.
and if they did, the odds would already be hopelessly stacked in their
favor. they are just people. but they are a unique mixture of good and evil,
good and bad traits, lots of things...if they have a lot of power they
may get used to using it without constraint. too many scenarios to talk
about here.
>continue to be some individual abuses, sometimes by senior people, but
>the way to deal with that is via strong internal and external
>watchdogs, and by clear definition of what is, and isn't to be
>permitted.
not the right newsgroup for this, but if you look at the U.S. now I can't
believe you would say such a thing....your watchdogs fail here and now!
>Recent trials of government officials, and recent use of independent
>prosecutors, whatever one thinks of the substance, go a long way
>toward compelling caution by those who would abuse their privileged
>and trusted positions in the FBI and intelligence services.
>
>David
trials & special prosecutors are just pick and choose while the system
escalates towards a police state.
dan
--
norstar
The Northern Lights, Troy NY |
tnl dialins: +1 518 237-2163 @ 1200-2400 bps 8N1 $free ` | /
------------------------------------------------------- --- * ---
UUCP: uunet!uupsi3!tnl!norstar / | .
Internet: norstar@tnl.com |
=-=-=-=-=-=
Newsgroups: alt.security.pgp
From: neuhaus@vier.informatik.uni-kl.de (Stephan Neuhaus (HiWi Mattern))
Subject: Re: PGP v. 2.1 Released
Date: Tue, 15 Dec 1992 11:42:20 GMT
[Sorry that this is such a long posting. I simply cannot express
myself more concisely. And Marc, this is definitely *not* a flame.]
Marc VanHeyningen <mvanheyn@whale.cs.indiana.edu> writes:
>Thus said neuhaus@vier.informatik.uni-kl.de (Stephan Neuhaus (HiWi Mattern)):
>>There is no way that a worldwide software distribution [of PEM
>>RFC-compliant software] can be created that uses RSAREF, without it
>>violating export laws.
>The [RFCs] I read did not make any reference to RSAREF.
You're right. I actually got it backwards. However, this does not
invalidate my point.
First, you cannot write a PEM RFC compliant package outside the USA
and import it into the USA. According to Mr Bidzo's letter, this is
illegal under the ITAR. As soon as it is within the USA, it will also
violate PKP's patent if you try to give it away for free.
You also cannot write a package *inside* the USA, and export it. If
you want to do that without license and patent hassles, you have to
get RSAREF. Exporting RSAREF is illegal under the ITAR. If you try
to do without RSAREF, it's still illegal, but you can also be sued by
PKP for using unlicensed, patented stuff.
So, as I said, you *cannot* legally write one single wordwide
PEM-compliant software package without getting into trouble, with or
without RSAREF. (This is even stronger than my original claim.)
>>And how good is an Internet standard if it's US-centric?
>There is nothing about the RFCs that is inherently US-centric.
The key validation by RSADSI is. Now, I don't have to use this, you
say. But what good is my key if it has no signatures on it? I wonder
about the RFC creators' motives when they did not even consider
foreign key registration centers in the RFCs, or even a scheme like
PGP. (I have read the "now obsolete" RFCs 1113 -- 1115. It might be
that this has changed in the updated versions. It might even be that
I haven't read the RFCs carefully. Anyway, I noted that Mr Bidzos is
listed as an "Advisor" in the preface. That might explain the key
validation scheme.)
[An aesthetical side note: I was also appalled by the large number of
times the word "RSADSI" is mentioned in these RFCs. RFCs are supposed
to be proposed standards, not a place for advertisements.]
Additionally, proposing an *international* standard in a country with
export limitations on the very thing the standard is supposed to
standardize, and patent claims on the proposed standard method of
doing things, without (as far as I know) taking into account the
opinions of foreign users/developers, appears US-centric to me.
You also said that the author(s) of PGP didn't like the PEM. That's
right (I think), and I personally approve of PGP's method of doing
things, for one technical and two personal reasons.
First, PGP's trust model (and hence, key management scheme) is more
general than PEM's. You can easily have a centralized agency sign PGP
keys. With PEM, you are forced to trust RSAREF to introduce people.
The ciphertext file format and command line options are only minor
nuisances that can be fixed easily, should someone feel the urge to do
so.
Second, RSADSI is strongly linked with PKP, which holds (and threatens
to enforce) a software patent. Since I oppose software patents in
general, I do not wish to support a company that holds one by paying a
key validation fee.
Third, I don't like the idea of a trust monopoly. I am perfectly
capable of managing my keys myself, thank you, and I'd like to place
my trust where *I* choose. (In case you're wondering, I always carry
my secret and public keyrings around at all times. I also
periodically check these keys against multiple copies kept here and
there.)
>>You might force all US netters to use RIPEM, but the rest of the
>>world will probably use PGP.
>RSADSI and PKP don't make U.S. export law. With regard to export law,
>PGP and RIPEM are no different.
That's right. I apologize, as I was clearly not thinking when I wrote
this. But the fact remains: RIPEM is an American free PK product
which means that I can't get it. PGP is a non-American free PK
program, which means that I can get it.
If RIPEM comes out, some parts of it will have to be re-implemented
outside the US. That might not be RSADSI's fault. Some people (such
as I) will take the easy way, abandon RIPEM and the RFCs, and use PGP.
The RFCs must not be approved until it is clear that RSA code (and
other crypto code) may be shipped freely between the US and the rest
of the world.
>[W]ith regard to "the rest of the world" the only difference is that
>PGP has already been successfully smuggled out of the U.S., while
>RIPEM has not (yet).
No, no! To get a copy of PGP from outside the US, it was *never*
necessary to ftp it from a US site. I think the first European sites
that carried it were ghost.dsi.unimi.it and the Finnish site (forgot
the name). As for version 1.0, you may be right technically, though.
-----BEGIN UNRELATED SIDE NOTE-----
>Patriotism is, in fact, the *first* refuge of the scoundrel.
See the recent development of the neo-Nazi movement in Germany. Sigh.
We'll drive them out, though. (Even though the politicos may not be
of help.)
-----END UNRELATED SIDE NOTE-----
Have fun.
--
Stephan <neuhaus@informatik.uni-kl.de>
sig closed for inventory. Please leave your pickaxe outside.
PGP 2.1 public key available on request. Note the expiration date.
=-=-=-=-=-=
Newsgroups: comp.os.os2.apps,alt.security.pgp
From: twillis@pintu.demon.co.uk (Tom Willis)
Subject: PGP 2.1 and HPACK 0.78 for OS/2
Date: Sun, 13 Dec 1992 21:00:26 +0000
I have posted OS/2 32-bit versions of PGP and HPACK available for
anonymous FTP from the UK. These are on:
`ftp.demon.co.uk' [158.152.1.65] in ~/pub/ibmpc/pgp
Both these were compiled from the standard shipped sources using the GNU
2.2.2 compiler (EMX version).
PGP === `Pretty Good Privacy' a Public Key encryption system.
HPACK === an archiving utility (currently in Beta) using PGP encryption
and authentication and supporting OS/2 EAs and HPFS long filenames.
More information on both in NewsGroups alt.security.pgp and sci.crypt.
--
Tom \/\/illis | 1. twillis@pintu.demon.co.uk | Have PGP 2.0 key
DGA Ltd | 2. GBR55N55@IBMMAIL | ... will swap
LONDON UK | 3. 100042.446@Compuserve.com |
=-=-=-=-=-=
Newsgroups: alt.security.pgp
From: uri@watson.ibm.com (Uri Blumenthal)
Subject: Re: PKP/RSA comments on PGP legality
Date: Mon, 14 Dec 1992 18:16:19 GMT
In article <1992Dec14.014118.11612@netcom.com>, strnlght@netcom.com (David Sternlight) writes:
|> If my understanding is now accurate that PGP2.x violates both the
|> Munitions Act and PKP's patents, and that this violation is occasioned
|> not just by use but also by possession in the U.S., then it would seem
|> prudent to get it off one's U.S. computers and any U.S. net
|> sites--Internet, Usenet, Fidonet, anynet. Presence on a bulletin board
|> system may be just what someone needs to close down that system.
While that may (or may not) be true, could somebody please
clarify this for me:
a) If PGP violates PKP's patents - then PKP can seek
damage recovery (suing :-). Now - since RSAREF is
released for non-commercial use, and RIPEM is going
to be freely available real soon now - just what is
that damage measured in bucks?
If I didn't use unlicensed PGP - I'd have to go get
"licensed" RSAREF/RIPEM and exactly $0. dollars
would go to PKP's bank account... Triple
damage is $0*3 = $0... So?
Ah, possible key registration fees? Sorry, but I
wasn't going to do that anyway! Sooo?
Does this mean, that we, non-commercial individuals,
don't really have much to lose, even if worst comes
to worst? (:-)
b) IMPORTING crypto into US may (or may not) violate the
ITAR (I'd have to clarify this with a lawyer), but I'd
assume it was going on (importing, that is :-) for
quite a while. So far neither US government, nor
NSA did really anything, either verbally or
physically, to stop such IMPORTING. Note,
that EXPORTING is under heavy fire from
both of them (:-).
Conclusions?
|> As for the argument that some make that "you" will probably neither get
|> caught nor prosecuted for this illegality, the ethics of that position
|> are open to the most serious questions (assuming my understanding
|> of the underlying situation is accurate).
Well, ethics of paying nothing for RIPEM and for paying nothing
for PGP? OK, maybe my sensitivity is down... (:-)
Or is the all idea PKP has - to dangle the RIPEM carrot in front
of our noses, to let us all appreciate the advantages of secure
mail - and then to revoke RSAREF licese? To say: "OK folks,
now we'd like to get tome nominal fee for our generosity."
|> Finally, given my understanding, the notion that if it's uploaded all
|> over the place, what can "they" do seems to betray a lack of both
|> realism and ethics. Try the argument that if lots of people take
|> cocaine, what can "they" do? to see this.
First - let's not compare apples and oranges here, OK? Emotions
are good, as long as they're under control (:-).
Second - there are some laws which people constantly break
(how about speed limit for one?) and even sort of
"safe zone" is established: if you violate
speed by no more than N miles per hour -
they won't bother you. And yes, 95%
of all the drivers I see on the
road (including myself :-) do
break this law. Not much
of consciousness (:-).
|> The proposal to produce a de novo version here in the U.S., based on
|> the IDEA algorithm (if published and the IDEA folks permit it), and
|> RSAREF (assuming RSA will license RSAREF for PGP), in contrast seems
|> both ethical and legal, if I understand this correctly.
PKP will never license anything for PGP. But:
a) if PKP revises their RSAREF license;
b) IDEA implementation is written somewhere here
(not a big deal, I warrant you :-).
then PGP with those add-on pieces will be perfectly legal.
|> Just a passing point on the latter paragraph--people shouldn't count
|> their RSAREFs 'til they're hatched. RSA still owns RSAREF, and though
|> they've licensed it, with a specific associated agreeement, for ripem,
|> that doesn't mean they HAVE to license it for a future PGP. Whoever is
|> doing this "legal PGP" project should check with Jim Bidzos of RSA
|> at their earliest opportunity (jim@rsa.com).
Well, I did and he said lots of nice things in his e-mail, including
his promise to send the copy of their revised license to me and to
post it to the Net on first Tuesday after Thanksgiving. Well, if
you saw that revised license - you saw more than I (:-).
Therefore I'd not bet on anything related to PKP.
Including future availability of RSAREF for
free for non-commercial users.
|> My own position is
|> that if one thinks a law or situation is incorrect, one moves to get
|> it changed, if possible. One does not take the law into one's own
|> hands. One particularly doesn't take innocent bystanders down with
|> one.
Any comments in relation between this statement and the law of speed
limit? [It appears to me, that everybody thinks this law is
just not there :-]
--
Regards,
Uri. uri@watson.ibm.com
------------
<Disclaimer>
=-=-=-=-=-=
Newsgroups: sci.crypt,alt.security.pgp
From: pmetzger@snark.shearson.com (Perry E. Metzger)
Subject: Re: PKP/RSA comments on PGP legality
Date: Tue, 15 Dec 1992 01:33:27 GMT
strnlght@netcom.com (David Sternlight) writes:
>
>Bill Stewart argues that the IDEA algorithm isn't covered by the
>Munitions Act provisions. Though I hope he's right, I'm not so
>sure. I think the Munitions Act covers cryptographic methods.
This can't be the case. I can travel to Europe, learn about IDEA, then
come to the US and hold a public speech on how the algorithm works. In
order to prohibit the "importation of cryptographic algorithms", as
opposed to cryptographic implementations, it would be necessary to
forever ban anyone who learned about any cryptographic system abroad
from ever reentering the US because having legitimately learned of the
system abroad no US law could prevent him from describing the system
to others, given that the first amendment would prohibit such a
restraint on speech.
It is, in fact, impossible to prohibit the export of unclassified
cryptographic algorithms (but not unclassified cryptographic software)
for exactly the same reason -- it would be necessary to prohibit
anyone who had ever read the DES specs, say, from leaving the US
without a license.
As we all know that the distinction between an algorithm and an
implementation in actual software is just a matter of effort that
educated programmers around the world can readily accomplish, it is
easily seen why the entire notion of export/import controls on
cryptography is idiotic. However, idiocy has never stopped the
government in the past, so there is little expectation it will stop it
in the future.
--
Perry Metzger pmetzger@shearson.com
--
"They can have my RSA key when they pry it from my cold dead fingers."
=-=-=-=-=-=
Newsgroups: sci.crypt,alt.security.pgp
From: hmiller@lucpul.it.luc.edu (Hugh Miller)
Subject: Re: PKP/RSA comments on PGP legality
Date: Tue, 15 Dec 1992 05:29:00 GMT
Mr. Bidzos gives the appearance of being a very effective lawyer,
representing the interests of his company, RSADSI/PKP, well.
Consider the post via Carl Ellison. By not making it under his own
name, but under Carl's headers, he achieves a double purpose. First, he
veils his threat. A veiled threat, of course, works better than a naked
one, since it leaves a greater measure of uncertainty in the mind of
potential end-users. And, after all, that is one of the principal aims
of the posting: to scare off potential end-users of PGP, currently the
world's most popular public-key encryption program. Second, he presents
the spectacle to the Net of an intimidated potential end-user, to wit,
Carl. This is also psychologically quite effective, as we in the
Internet community have the tendency to identify with Carl, being like
him. There has been a rush of postings on alt.security.pgp lately
urging the dropping of PGP for RIPEM. How very convenient. Success, so
far.
The issuance of credible and effective threats constitutes a large part
of the work of a lawyer. Threats are much less expensive than actual
lawsuits, and less risky (one can lose a lawsuit; one cannot `lose' a
threat). It is a cardinal rule of actual legal practice that one should
postpone as long as possible going to court over a situation which is
already favorable to you _in re_. Mr. Bidzos's company makes a modest
income from the (few) licenses it has issued to software developers, and
it wouldn't be prudent, as they say, for him to risk going to court and
subjecting the RSA patent (and his investors' capital) to the glaring
light of a public trial, when he can achieve his ends by intimidation
and innuendo. But this does not means that we, the readers and targets
of his threats, need to take them at face value.
Mr. Bidzos claims that we should avoid using PGP because it is
"tainted by serious ITAR violations." If it has fallen to the likes of
Mr. Bidzos to prosecute PGP developers, distributors, and users under
the ITAR, then the Reagan Revolution's privatization-of-government
schemes have gone farther than we thought. Mr. Bidzos does _not_ speak
for the federal government, although he may well have been speaking _to_
that government's agents about PGP. Some branch or other of the federal
government may well be bothered by the existence of PGP, but it would be
unlikely that any prosecution would be mounted by a federal agency
without a prolonged consideration of the political risks this would
involve. The Feds are still smarting over the Phasorphone and DES
debacles, not to mention NSA's failed attempt to wangle control of
crypto funding from the NSF, and the current bad publicity over the
FBI's "digital telephony" scheme. I hardly think they would be eager to
climb back into that saddle just yet, knowing the public outcry that
would greet such an attempt.
As to Mr. Bidzos's claim that by simply posting PGP on a BBS, "you
have exported it," this is laughably absurd. There are literally
hundreds of "data security" programs floating around the Internet and
the BBS world. Some employ DES; some their own `miracle' proprietary
schemes. All are examples of "privacy devices, cryptographic devices
and software (encoding and decoding), and components specifically
designed or modified therefore." For all the years these little
file-scramblers have been making it into the public domain, Mr. Bidzos
has managed to keep his zeal for the law in check. But ah, all of a
sudden up pops a public-key cryptosystem with source code supplied and
he is filled with patriotic elan.
Is Mr. Bidzos actually trying to goad the federal government into
launching some kind of major criminal prosecution against everyone who
has had a hand in the development or distribution of PGP? ITAR statutes
are criminal statutes; if you're convicted under them, you're looking at
hard time in Leavenworth. Is he seriously advocating prison sentences
for these persons, or for end-users of PGP? Is such a position really in
the best interests of his company, from any standpoint, since he is
actively promoting the same technology himself? If such a prosecution
actually were to go forward, cryptography in general would suffer, and
RSADSI/PKP along with it.
But what about the protection of the patent rights held by Mr.
Bidzos's company -- which it is his true and only aim to protect, ITAR
burblings being a side issue? What, then, are we to do, if we wish to
avail ourselves of the powerful assymetric cryptosystems which,
RSADSI/PKP claims, are all covered by their patent? It appears that we
cannot just go to the library, Xerox up Rivest, Shamir, and Adleman's "A
method for obtaining digital signatures and public key cryptosystems"
(CACM 21(2), 120-6, Feb. 1978), and devote a few hundred hours to
banging up an C implementation. The RSA algorithm is covered by a
patent, #4,405,829 (issued 20 Sept. 1983). RSADSI/PKP is the sole
assignee of the patent, held by MIT. They also have acquired the rights
to three other PK systems and are apparently claiming patent rights to
the very idea of public-key cryptography, which, unless I read the
literature wrong, was first published by Whit Diffie and Martin Hellman
("New directions in cryptography," IEEE Trans. Info. Theory, IT22,
644-54, Nov. 1976).
Mr. Bidzos advocates adoption of "a program, including source code,
called RSAREF," from RSADSI. Yet RSAREF is, to my knowledge, not a
complete program, but a set of subroutines which do a specific, limited,
and inflexible number of mathematical operations on given input data.
It is by no means a full program, and it would require a great deal of
work to build it up into one. (I have never seen any "rsaref" compiled
object code for any machine, any platform; only source code. And it is
my understanding that we would not even have RSAREF in the public domain
had it not been crowbarred out of RSADSI/PKP by the terms of one of
their federal grants. So RSAREF represents an algorithm for which we, the
taxpayers, have paid _twice_. Mr. Bidzos claims that it is being
offered for "free.") Even if one were to build a PK system upon RSAREF,
it would lack much of the flexibility and functionality of PGP, which
utilizes quite different data structures for its keys, key certificates,
keyrings, etc. etc. RIPEM, built upon RSAREF, from the beta version I
have seen (and which I downloaded by anonymous ftp from scss3.cl.msu.edu
two weeks ago, before the ftp archive there was closed to anon-ftp
access), is a slower program with fewer options and much less
functionality than PGP, especially on a non-Unix platform. It keeps
both the plaintext and encrypted text in memory together, and thus
imposes limitations on many end-users with small memory allocations.
Unlike PGP, it cannot do symmetric (private-key) encryption. It lacks
the ability to sign public keys. It relies heavily upon a centralized key
distribution authority (although it can be used without such), which PGP
does not. For its single-key cipher it utilizes, ahem, DES. Unlike
PGP, there is no current version for Macintosh and compatible computers.
And the docs for 4.2(beta) indicate that even its own author, Mark
Riordan, is unsure that "the current RSAREF license allows free personal
use of RIPEM by citizens of the United States and Canada." He _thinks_
it does. "However," he notes, "this personal interpretation has no legal
standing, and RIPEM users are urged to read the RSAREF license agreement
themselves." And Mr. Bidzos would like us to be reassured by this?
Mr. Bidzos urges us to avail ourselves of MailSafe, RSADSI's
proprietary end-user package (for Mess-DOS environments). Apparently
MailSafe is obtainable only by direct mail order from RSADSI. A call
this morning to the biggest local retailer of PC hardware and software
in Chicago, Elek-Tek, revealed that they had never heard of MailSafe,
and none of their distributors carries it. The same with CompUSA, in
Skokie. A call to Egghead Software, one of the biggest national chain
software retail dealerships, revealed that they had never heard of
MailSafe, and none of their distributors carries it. One could go on
and on. This is hardly the aggressive marketing one would expect from a
firm with a lock on a patent of critical importance to Americans in the
Information Age. Albert Einstein worked in a patent office, but it
never occurred to him to patent the theory of special relativity. If he
had, and had assigned the patent to Bidzos & co., the world's first
cyclotron would still be nothing but drawings in a grant proposal.
Mr. Bidzos and his co-workers at RSADSI/PKP may feel that, at some
point, they must go to court to protect the patents they claim. But as
prudent lawyers they must not relish the prospect. They risk a lot: not
just the patent(s), but the immensely bad publicity they would get from
such an action. Any victory they would win would be Pyrrhic, given the
immense fund of ill-will towards the issue of algorithmic patents
generally and these ones in particular evident in the computing
community. The ACM recently adopted a code of ethics which includes
among its "General Moral Imperatives" the stipulations that, "As an ACM
member I will... 1.5 Honor property rights including copyrights and
patents, ... 1.6 Give proper credit for intellectual property." These
stipulations are already generating heat among ACM members.
(Ironically, "General Moral Imperative" # 1.7 obliges ACM members to
"Respect the privacy of others.") I cannot believe that RSADSI/PKP
would think it worth their while to pursue a suit like this against a
freeware product produced by a worldwide group of relatively penniless
but widely admired computer professionals.
In the Information Age, in which we have been living for a long time
now, innovations like PK cryptosystems and David Chaum's untraceable-
transactions techniques will become crucial to the protection of our
rapidly diminishing privacy. They afford end-users the ability to take
effective control of the security of their communications and of the
availability of information about them, without having to trust to the
benignity of government agencies. In this new world, they ought to be
freely and widely available. To bar their use, or the dissemination of
knowledge concerning them, would be to deprive citizens of effective
means of preserving their own privacy. Privacy means nothing if
effective means to preserve it are lacking.
Consequently, I for one am not afraid to stand up and be counted as
a supporter of the fine work of the PGP development team, and especially
of Phil Zimmermann, who got the ball rolling with version 1.0. The
program currently has far more users and admirers than any other
public-key encryption system, and for good reason. It is an elegant
piece of work, made more elegant with each revision. Nor am I afraid to
put myself on record as a principled opponent of the RSA patent (and of
algorithm/software patents generally), and as an opponent of the
regulation by the government of cryptographic import/export/use in any
form. If my doing so creates any legal exposure for me, then that is a
risk I am prepared to take for the sake of the proverbial `eternal
vigilance.' If it actually ends up costing me or other like-minded
American citizens, then, in my view, this country's Constitution will
have suffered yet another humiliating debasement.
Hugh Miller
Department of Philosophy
Loyola University Chicago
Moderator, Info-PGP Digest
info-pgp-request@lucpul.it.luc.edu
--
Hugh Miller | Dept. of Philosophy | Loyola University of Chicago
Voice: 312-508-2727 | FAX: 312-508-2292 | hmiller@lucpul.it.luc.edu
***** End Info-PGP Digest *****
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH
