[4497] in cryptography@c2.net mail archive
Re: The name of "RSA"
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sun Apr 11 21:50:04 1999
To: Vin McLellan <vin@shore.net>
Cc: John David Galt <jdg@rahul.net>, cryptography@c2.net,
cypherpunks@algebra.com, stds-p1363@majordomo.ieee.org
Date: Fri, 09 Apr 1999 17:32:23 -0400
From: "Steven M. Bellovin" <smb@research.att.com>
In message <E10ViMX-0002ET-00@siren.shore.net>, Vin McLellan writes:
>
> The discussion of alternative names for "RSA" has been an amazing
> and entertaining carnival, spawned by a wildly exaggerated interpretation of
> a 3/1/99 SDTI letter to the P1363 working group. SDTI, RSA's parent firm,
> for which I have been a consultant for many years, never said they were
> going to restrict the use of the term RSA by real people, or even members of
> standards groups.
Vin, the original letter
(http://grouper.ieee.org/groups/1363/letters/SecurityDynamics.jpg)
specifically suggested that the algorithm identifiers be renamed, and
noted that "the terms 'RSA public key,' 'RSA private key,' and 'RSA
key pair' may similarly be affected by such protection". That sure
sounds to me as if they were claiming trademark protection in a way
that could affect implementors. The second letter, which you cite below,
suggests that they backed down, after seeing the public response. I personally
don't think anything was taken out of context or misinterpreted.
>
> The RSA brand name issue, as SDTI sees it, is whether commercial
> competitors will be allowed to mislead consumers as to who crafted a module
> of implementation code. The theater generated around this topic has been
> amazing, but anyone curious about SDTI's actual claims about RSA as a brand
> name should check out SDTI's new letter to IEEE at:
> <http://grouper.ieee.org/groups/1363/letters/SecurityDynamics2.jpg>
>
> Peter Wayner of the NYT did a great job in his 12/24/97 feature, but
> John Young's invaluable Cryptome website still has a copy of James Ellis'
> 1987 paper -- "The History of Non-Secret Encryption" -- available in
> vanilla html and PS at: <http://jya.com/ellisdoc.htm>
>
> CESG, the British communications intelligence agency, published
> the Ellis paper ten years after it was written, on Dec. 14, 1997, shortly
> after Mr. Ellis died.
>
> In his paper, Ellis dates his own insight that secure cryptographic
> communication was possible with no prior exchange of secrets between
> parties from the late 1960s, with the first internal CESG publication on the
> topic dated January, 1970: "J H Ellis, The Possibility of Secure
> Non-Secret Digital Encryption, CESG Report, January 1970."
>
> With the generosity and courtesy typical of the most creative minds
> in modern crypto, Mr. Ellis gives full credit to Clifford Cocks for
> developing the first workable version of this concept -- an apparent
> special-case version of RSA, first described in an internal CESG pub on
> 20/11/73 -- and to Malcolm Williamson, who developed an apparent analogue
> to the Diffie-Hellman PKC (first described in an internal CESG pub on
> 21/1/74) a few months later.
>
> Except for the 1987 Ellis paper, the original CESG documents cited
> above are unavailable, apparently still classified by the British government.
The current archive (http://www.cesg.gov.uk/about/nsecret.htm) now has
four papers in both html and PDF format.
>
> There is yet another -- or possibly more than one (it's a big world,
> after all) -- unpublished "secret history of public key cryptography" in
> the armored archives which hold the secrets of the various national
> intelligence agencies.
I wonder what the Russian archives might hold.
>
> In the US, the former Director of the National Security Agency,
> Bobby Ray Inman, years ago claimed that public key cryptography was
> originally invented within the NSA. The NSA has never published anything to
> outline or date their original research in this area, although crypto
> historian David Kahn has repeatedly pressed them to do so.
As I understand it, Kahn is now the official NSA historian, which makes him
an insider. An outsider might try to FOIA such documents...