29-09-2012, 02:41 PM
Using the RSA Algorithm for Encryption and Digital Signatures
ABSTRACT
"Public key cryptography," a method for encrypting messages to be transmitted over an insecure channel, and "digital signatures," a method for authenticating the author of a message transmitted over an insecure channel, are emerging as fundamental tools for conducting business securely over the Internet. These technologies are widely expected to be used to conduct billions of dollars in electronic commerce within the next few years. However, the broad deployment of these technologies is substantially burdened by licensing demands being made by the owner of United States Patent No. 4,405,829, which is known as the "RSA Patent." It has become commonly accepted Internet lore that the RSA Patent covers most of the commonly used techniques for public key encryption and digital signatures, and that a patent license from the owner of the RSA Patent is necessary to employ these techniques. As this article explores in some detail, however, the RSA Patent is far more limited in scope and far more vulnerable to a validity challenge than is generally assumed.