On Sat, 20 Jan 2007 14:45:26 -0800
"Lawrence Rosen" <lrosen(_at_)rosenlaw(_dot_)com> wrote:
For ESP encryption algorithms, the document that was sent out for
Last Call contains the following table:
Requirement Encryption Algorithm (notes)
----------- --------------------
MUST NULL (1)
MUST- TripleDES-CBC [RFC2451]
SHOULD+ AES-CBC with 128-bit keys [RFC3602]
SHOULD AES-CTR [RFC3686]
SHOULD NOT DES-CBC [RFC2405] (3)
The Last Call comment suggests changing the "SHOULD+" for AES-CBC
to "MUST."
Are any of these encryption algorithms patented?
Almost certainly not. DES was patented, but the patent was never
enforced; it has long since expired. (Trivia: IBM filed a statement
saying that DES was royalty-free *if* used in one of the NIST-approvedd
modes of operation. But they never went after anyone who used it in
other ways.) To my knowledge, 3DES was never patented; even if it had
been, it was first publicly described in 1979, so I doubt that any
patent would still be valid.
AES itself had to be unencumbered; see
http://csrc.nist.gov/CryptoToolkit/aes/pre-round1/aes_9709.htm#sec2d .
The designers of Rijndael never even attempted to patent it; see the
text quoted in RFC 3602 or the old Rijndael home page.
CBC dates from at least 1980 -- I seem to recall 1978, but I don't have
a citation handy.
That leaves CTR mode. I doubt very much that it's patented, since it's
been very well known for many years and NIST rarely standardizes
patented algorithms in this space (which I know you appreciate...).
However, I don't have any citations to prove this negative.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf