Larry,
Please note that any responses to your question "Are any of these encryption
algorithms patented?" are being provided by individuals in the spirit of
helpfulness and open sharing of information. Neither IETF nor the IETF Trust
provide assurances or advice as to whether or not technology covered by IETF
standards are covered by patent claims. The exclusive mechanism for soliciting
and disclosing patent claims within the context of IETF activity is specified
in RFC 3979, as we have discussed before. Please do not take anyone's efforts
to respond to your questions as "official" IETF positions, as they are not and
may not be relied upon as such.
Regards,
Jorge
-----Original Message-----
From: Steven M. Bellovin [mailto:smb(_at_)cs(_dot_)columbia(_dot_)edu]
Sent: Saturday, January 20, 2007 6:28 PM
To: lrosen(_at_)rosenlaw(_dot_)com
Cc: ipsec(_at_)ietf(_dot_)org; ietf(_at_)ietf(_dot_)org;
saag(_at_)mit(_dot_)edu
Subject: Re: MUST implement AES-CBC for IPsec ESP
On Sat, 20 Jan 2007 14:45:26 -0800
"Lawrence Rosen" <lrosen(_at_)rosenlaw(_dot_)com> wrote:
For ESP encryption algorithms, the document that was
sent out for
Last Call contains the following table:
Requirement Encryption Algorithm (notes)
----------- --------------------
MUST NULL (1)
MUST- TripleDES-CBC [RFC2451]
SHOULD+ AES-CBC with 128-bit keys [RFC3602]
SHOULD AES-CTR [RFC3686]
SHOULD NOT DES-CBC [RFC2405] (3)
The Last Call comment suggests changing the "SHOULD+"
for AES-CBC
to "MUST."
Are any of these encryption algorithms patented?
Almost certainly not. DES was patented, but the patent was never
enforced; it has long since expired. (Trivia: IBM filed a statement
saying that DES was royalty-free *if* used in one of the
NIST-approvedd
modes of operation. But they never went after anyone who used it in
other ways.) To my knowledge, 3DES was never patented; even if it had
been, it was first publicly described in 1979, so I doubt that any
patent would still be valid.
AES itself had to be unencumbered; see
http://csrc.nist.gov/CryptoToolkit/aes/pre-round1/aes_9709.htm#sec2d .
The designers of Rijndael never even attempted to patent it; see the
text quoted in RFC 3602 or the old Rijndael home page.
CBC dates from at least 1980 -- I seem to recall 1978, but I
don't have
a citation handy.
That leaves CTR mode. I doubt very much that it's patented,
since it's
been very well known for many years and NIST rarely standardizes
patented algorithms in this space (which I know you appreciate...).
However, I don't have any citations to prove this negative.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf