The restrictions on RSA are so involved they can give one the feeling
a conspiracy is afoot to stifle the use of encryption.
It's actually pretty simple, Brad. Here's the scoop from a grad student
(me) who has been interested in seeing public domain cryptography available:
RSA Data Security is a relatively on-the-ball small company which
happens to have a legal monopoly on the commercial use of public key
encryption, through its sister company Public Key Partners. Naturally,
they're interested in making money, in an orderly fashion that inspires
trust in their security mechanisms.
As far as public domain software is concerned, "making money" and "orderly"
are not words that usually come to mind. The only reason that they've made
RSAREF (the free official RSA implementation) available is that it's an
explicit condition on some DARPA money they got a few years ago.
Anyone publishing unlicenced RSA software has been warned by PKP's lawyers of
possible legal action. This has been harmful to the spirit of free inquiry.
I'm not casting blame -- almost any closed-minded businessmen would do the
same thing -- but I'm disappointed that the academics at RSADSI weren't able
to guide the company into a more open stance. RSADSI has stalled and
disrupted the exchange of information and research regarding public key
cryptography, and has hurt itself in doing so.
However, since algorithms are not patentable outside the USA, the
recent PGP 2.0 release by a team of European hackers changes the
roadmap somewhat. There will be a lot of relatively undisciplined RSA
hacking and usage on the Internet from now on. In addition, there's at
least one licensed free RSA release using RSAREF: "ripem" by Mark
Riordan (mrr(_at_)scss3(_dot_)cl(_dot_)msu(_dot_)edu). The spread of such
systems will be
both good (in spreading the ideas) and bad (by making an unholy mess).
A big question mark on the horizon is (a) how well PEM will do in the
Internet community, when it ever gets released, which seems to me to be
receding farther and farther in the future, and (b) how will PEM and PKP
coexist a couple of years down the road? It would be a shame if (as seems
likely) two mutually hostile factions come to exist.
I think the PEM project has dropped the ball by being two years slower than
it should have been. It's essential to get a product out, fast, and to make
it clear that PEM is a good way to go for the Internet and that it will not
incur undue licensing and key registration burdens.
-- Marc Ringuette (mnr(_at_)cs(_dot_)cmu(_dot_)edu)