Fwd: Digital Signature Standard
JRAMON at mvax.fmed.uam.es
JRAMON at mvax.fmed.uam.es
Fri Jul 2 05:51:00 EST 1993
From: CCUAM2::IN%"info-gnu-request at prep.ai.mit.edu" 2-JUL-1993 06:11:38.65
To: IN%"info-gnu at prep.ai.mit.edu"
Subj: Digital Signature Scandal
Return-path: <gnulists at ai.mit.edu>
Received: from life.ai.mit.edu by ccuam2 (PMDF #12458) id
<01H0221C8DK091VW2R at ccuam2>; Fri, 2 Jul 1993 06:11 GMT
Received: from pop-tarts (pop-tarts.ai.mit.edu) by life.ai.mit.edu
(4.1/AI-4.10) for JRAMON at uamed.uam.es id AA11905; Thu, 1 Jul 93 22:44:19 EDT
Received: by pop-tarts (4.1/AI-4.10) id AA05259; Thu, 1 Jul 93 22:44:17 EDT
Resent-date: Tue, 29 Jun 93 16:30:21 edt
Date: Tue, 29 Jun 93 16:30:21 edt
Resent-from: info-gnu-request at prep.ai.mit.edu
From: friedman at gnu.ai.mit.edu (Noah Friedman)
Subject: Digital Signature Scandal
Sender: gnulists at ai.mit.edu
To: info-gnu at prep.ai.mit.edu
Resent-message-id: <9307020244.AA05259 at pop-tarts>
Message-id: <9306292030.AA01764 at nutrimat.gnu.ai.mit.edu>
X-Envelope-to: JRAMON at uamed
[The following is an official announcement from the League for Programming
Freedom. Please redistribute this as widely as possible.]
Digital Signature Scandal
Digital signature is a technique whereby one person (call her
J. R. Gensym) can produce a specially encrypted number which anyone
can verify could only have been produced by her. (Typically a
particular signature number encodes additional information such as a
date and time or a legal document being signed.) Anyone can decrypt
the number because that can be done with information that is
published; but producing such a number uses a "key" (a password) that
J. R. Gensym does not tell to anyone else.
Several years ago, Congress directed the NIST (National Institute of
Standards and Technology, formerly the National Bureau of Standards)
to choose a single digital signature algorithm as a standard for the
In 1992, two algorithms were under consideration. One had been
developed by NIST with advice from the NSA (National Security Agency),
which engages in electronic spying and decoding. There was widespread
suspicion that this algorithm had been designed to facilitate some
sort of trickery.
The fact that NIST had applied for a patent on this algorithm
engendered additional suspicion; despite their assurances that this
would not be used to interfere with use of the technique, people could
imagine no harmless motive for patenting it.
The other algorithm was proposed by a company called PKP, Inc., which
not coincidentally has patents covering its use. This alternative had
a disadvantage that was not just speculation: if this algorithm were
adopted as the standard, everyone using the standard would have to pay
(The same patents cover the broader field of public key cryptography,
a technique whose use in the US has been mostly inhibited for a decade
by PKP's assiduous enforcement of these patents. The patents were
licensed exclusively to PKP by the Massachusetts Institute of
Technology and Stanford University, and derive from taxpayer-funded
PKP, Inc. made much of the suspect nature of the NIST algorithm and
portrayed itself as warning the public about this.
On June 8, NIST published a new plan which combines the worst of both
worlds: to adopt the suspect NIST algorithm, and give PKP, Inc. an
*exclusive* license to the patent for it. This plan places digital
signature use under the control of PKP through the year 2010.
By agreeing to this arrangement, PKP, Inc. shows that its concern to
protect the public from possible trickery was a sham. Its real desire
was, as one might have guessed, to own an official national standard.
Meanwhile, NIST has justified past suspicion about its patent
application by proposing to give that patent (in effect) to a private
Instead of making a gift to PKP, Inc., of the work all of us have paid
for, NIST and Congress ought to protect our access to it--by pursuing
all possible means, judicial and legislative, to invalidate or annull
the PKP patents. If that fails, even taking them by eminent domain is
better (and cheaper in the long run!) than the current plan.
You can write to NIST to object to this giveaway. Write to:
Michael R. Rubin
Active Chief Counsel for Technology
Room A-1111, Administration Building,
National Institute of Standards and Technology
Gaithersburg, Maryland 20899
The deadline for arrival of letters is around August 4.
Please send a copy of your letter to:
League for Programming Freedom
1 Kendall Square #143
Cambridge, Massachusetts 02139
(The League for Programming Freedom is an organization which defends
the freedom to write software, and opposes monopolies such as patented
algorithms and copyrighted languages. It advocates returning to the
former legal system under which if you write the program, you are free
to use it. Please write to the League if you want more information.)
Sending copies to the League will enable us to show them to elected
officials if that is useful.
This text was transcribed from a fax and may have transcription
errors. We believe the text to be correct but some of the numbers
may be incorrect or incomplete.
** The following notice was published in the Federal Register, Vol.
58, No. 108, dated June 8, 1993 under Notices **
National Institute of Standards and Technology
Notice of Proposal for Grant of Exclusive Patent License
This is to notify the public that the National Institute of
Standards and Technology (NIST) intends to grant an exclusive
world-wide license to Public Key Partners of Sunnyvale, California
to practice the Invention embodied in U.S. Patent Application No.
07/738.431 and entitled "Digital Signature Algorithm." A PCT
application has been filed. The rights in the invention have been
assigned to the United States of America.
The prospective license is a cross-license which would resolve a
patent dispute with Public Key Partners and includes the right to
sublicense. Notice of availability of this invention for licensing
was waived because it was determined that expeditious granting of
such license will best serve the interest of the Federal Government
and the public. Public Key Partners has provided NIST with the
materials contained in Appendix A as part of their proposal to
Inquiries, comments, and other materials relating to the prospec-
tive license shall be submitted to Michael R. Rubin, Active Chief
Counsel for Technology, Room A-1111, Administration Building,
National Institute of Standards and Technology, Gaithersburg,
Maryland 20899. His telephone number is (301) 975-2803. Applica-
tions for a license filed in response to this notice will be
treated as objections to the grant of the prospective license.
Only written comments and/or applications for a license which are
received by NIST within sixty (60) days for the publication of this
notice will be considered.
The prospective license will be granted unless, within sixty (60)
days of this notice, NIST receives written evidence and argument
which established that the grant of the license would not be
consistent with the requirements of 35 U.S.C. 209 and 37 CFR 404.7.
Dated: June 2, 1993.
Raymond G. Kammer
Acting Director, National Institute Standards and Technology.
The National Institute for Standards and Technology ("NIST") has
announced its intention to grant Public Key Partners ("PKP")
sublicensing rights to NIST's pending patent application on the
Digital Signature Algorithm ("DSA").
Subject to NIST's grant of this license, PKP is pleased to declare
its support for the proposed Federal Information Processing
Standard for Digital Signatures (the "DSS") and the pending
availability of licenses to practice the DSA. In addition to the
DSA, licenses to practice digital signatures will be offered by PKP
under the following patents:
Cryptographic Apparatus and Method ("Diffie-Hellman")
Public Key Cryptographic Apparatus and Method
("Hellman-Merkle") No. 4,315,552
Exponential Cryptographic Apparatus and Method
("Hellman-Pohlig") No. 4,434,414
Method For Identifying Subscribers And For Generating
And Verifying Electronic Signatures In A Data Exchange
System ("Schnorr") No. 4,995,082
It is PKP's intent to make practice of the DSA royalty free for
personal, noncommercial and U.S. Federal, state and local
government use. As explained below, only those parties who enjoy
commercial benefit from making or selling products, or certifying
digital signatures, will be required to pay royalties to practice
PKP will also grant a license to practice key management, at no
additional fee, for the integrated circuits which will implement
both the DSA and the anticipated Federal Information Processing
Standard for the "key escrow" system announced by President Clinton
on April 16, 1993.
Having stated these intentions, PKP now takes this opportunity to
publish its guidelines for granting uniform licenses to all parties
having a commercial interest in practicing this technology:
First, no party will be denied a license for any reason other that
(i) Failure to meet its payment obligations,
(ii) Outstanding claims of infringement, or
(iii) Previous termination due to material breach.
Second, licenses will be granted for any embodiment sold by the
licensee or made for its use, whether for final products software,
or compfinal products software,
or components such as integrated circuits and boards, and regard-
less of the licensee's channel of distribution. Provided the
requisite royalties have been paid by the seller on the enabling
component(s), no further royalties will be owned by the buyer for
making or selling the final product which incorporates such
Third, the practice of digital signatures in accordance with the
DSS may be licensed separately from any other technical art covered
by PKP's patents.
Fourth, PKP's royalty rates for the right to make or sell products,
subject to uniform minimum fees, will be no more than 2 1/2% for
More information about the Bio-soft