IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Elliptic-Curve Diffie-Hellman Key Exchange draft



Sun has contributed an ECC implementation to the OpenSSL project, and has filed some patent applications related to elliptic curve cryptography, but has explicitly indicated in the ECC code it contributed to the OpenSSL project that "Sun does not intend to assert its patent rights associated with the code that was delivered to the OpenSSL project."

I'm always uneasy about such promises. Ok, Sun may have the best intentions now. But even if Sun's intentions don't change over time, the patents could be sold off to other companies with different plans.

In my previous email I should have included the actual legal covenant Sun made in contributing its code to the OpenSSL project:

 * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
 * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
 * to the OpenSSL project.
 *
 * The ECC Code is licensed pursuant to the OpenSSL open source
 * license provided below.
 *
 * In addition, Sun covenants to all licensees who provide a reciprocal
 * covenant with respect to their own patents if any, not to sue under
 * current and future patent claims necessarily infringed by the making,
 * using, practicing, selling, offering for sale and/or otherwise
* disposing of the ECC Code as delivered hereunder (or portions thereof),
 * provided that such covenant shall not apply:
 *  1) for code that a licensee deletes from the ECC Code;
 *  2) separates from the ECC Code; or
 *  3) for infringements caused by:
 *       i) the modification of the ECC Code or
 *      ii) the combination of the ECC Code with other software or
 *          devices where such combination causes the infringement.

This license only appears in one file in OpenSSL, crypto/bn/bn_gf2m.c, which is the only file Sun contributed that contains technology covered under Sun patents (patent 6721771 as listed below). Moreover, this code is #ifdef'ed out by default and replaced by a text-book implementation. So it is certainly possible to have no Sun-patented technology in an ECC implementation (and default configurations of OpenSSL would have that status). Other open-source ECC implementations, like that in NSS, have no Sun-patented technology in them.

What patents do Sun have in this area? Searching for "Sun" and "Elliptic" I find US patent 6721771, : Method for efficient modular polynomial division in finite fields f(2 m)
[...]
and four published applications,
: 20030212729 Modular multiplier
: 20030208518 Generic implementations of ellipitic [sic] curve
:             cryptography using partial reduction
: 20030206629 Hardware accelerator for elliptic curve cryptography
: 20030206628 Generic modular multiplier using partial reduction

Are these the relevant patents, or am I missing something? (There are 3811 patents assigned to "Sun Microsystems" in the uspto database, and 795 published patent applications, so I really can't make an exhaustive search).

To my knowledge, those are the relevant patents and applications, although there may be others filed in the future. Note that Sun's covenant as listed above covers all "current and future patent claims" concerning the contributed code.

Douglas




Home | Main Index | Thread Index | Old Index