From: John Young <jya@pipeline.com>
Date: Thu, 28 May 1998 05:14:00 -0700 (PDT)
To: cypherpunks@toad.com
Subject: Public Key Royalties
Message-ID: <199805281213.IAA04745@camel14.mindspring.com>
MIME-Version: 1.0
Content-Type: text/plain


[Forward]

:
:
:
Date: Thu, 28 May 1998 03:17:16 -0400
To: John Young <jya@pipeline.com>
From: Vin McLellan <vin@shore.net>
Subject: Public Key Royalties

Hi John:

	You recently posted a note from a 5/7/98 GAO report[*] on federal
(Bayh-Dole Act) funding for US research universities in which documented
MIT's 1996 revenues from the commercialization of public key crypto. In an
accompanying note, you raised a few questions about the historical
background of PKC that I thought a deserved response.

	The politics of crypto in the US is burdened with enough shadowy
plots that it behooves those of us who try to track the history of the
industry to keep a grip on simple historical fact whenever we can.

	I personally think the key figures involved in the discovery of PKC
-- certainly Whit Diffie, Martin Hellman, Ron Rivest and Len Adleman --
have for years been exemplary role-models of personal and intellectual
discipline, professional openness, and forthright political engagment (in
the best sense of the word). I wouldn't like to see the public's
understanding of their contributions lost beneath another layer of
Byzantine conspiracy theories.

	You wrote:

>In a recent GAO report on governmental funding of university research
>there is this note:
>
>   In fiscal year 1996, the commercialization of the public key encryption
>   method, which was developed under grants from the Navy and NSF,
>   resulted in $271,875 in royalties to MIT.
>
>Does this refer to RSA or PGP? Did the Navy underwrite RSA's PK work?
>If so does the USG have a secret stake in PGP, Network Associates
>and RSA?
>
>More: did the Navy guide PK researchers based on the secret UK PK work
>before Diffie-Hellman?

	Quick answers to your first questions:

	(1) RSA. RSA Data Security Inc.(RSADSI), a company started by the
three inventors of the RSA cryptosystem was given a contract by MIT to
commercialize the RSA cryptosystem. Under the terms of that contract,
RSADSI pays royalties to MIT, which still owns the RSA patent.

	(2) Nope. The Office of Naval Research (ONI) did staff the
"contracting office" responsible for administering DARPA funding for the
MIT labs where Rivest, Shamir, and Adleman did their initial work -- but
neither the Navy, nor DARPA, nor the NSA, nor the CIA, nor the Feebees
supported the subsequent development of public key cryptography at RSADSI
(the company started by the three inventors which was subsequently given an
exclusive contract by MIT to commercialize the RSA algorithm.)

	(3) No secret stake in RSADSI -- so say the sworn documents filed
with the SEC before the 1996 merger of RSADSI and SDTI. PGP was not
developed at MIT. PGP has never paid royalties to MIT. I don't actually
know if there is, or ever was, any relationship or federal "stake" in PGP
Inc. or Network Associates Inc., but I doubt it. (I also think your
suggestion, without evidence, is a fairly gratuitous slander against all
these firms -- given the historic interest of US government agencies in
weakening non-government crypto and/or forcing independent cryptographic
vendors to corrupt their designs with backdoors to allow surreptitous

government access to encrypted messages and files.)

	As you may recall, I do a lot of consulting for Security Dynamics
(SDTI), which purchased RSADSI in 1996.  I sent your questions over to Ron
Rivest, and he asked me to pass along his response:

>The work on RSA at MIT was supported by NSF grant MCS76-14294 and ONR
>(Office of Naval Research) grant N00014-67-A-0204-0063. (See the
>footnote on the original RSA paper.)  I note that the ONR is the
>contracting office for a DARPA grant here; the "Navy" as such was not
>involved.
>
>(The grants listed above did not even specify cryptography in their
>proposals, and it was more of a courtesy than anything else to
>acknowledge their support on the RSA paper, since they were supporting
>other research in algorithms and such.)
>
>As a consequence of this support, the U.S. government does not have to
>pay royalties on the "RSA patent" (U.S. patent 4,405,829.)  This is a
>standard arrangement for government-supported research; the government
>doesn't want to have to pay twice for the work.
>
>There is no "secret stake" by the government in RSA.  The royalty-free
>license of the patent is their only involvement.
>
>There was no contact, influence, or involvement from any government
>source regarding our development of RSA.  Assuming (correctly, I
>believe) that the Diffe-Hellman paper (New Directions in Cryptography)
>was developed independently of any similar developments in the U.K.,
>then the academic development of the concept of public-key, and our
>consequent development of RSA, were totally independent of whatever
>developments happened earlier in the U.K.
>
>Indeed, given the reaction from the government that we've seen ever
>since, trying to control and/or suppress public-key technology, it is
>extremely bizarre to conjecture that the government in any way
>encouraged it early on or gave technical advice based on work in the U.K.

	I suggest anyone interested in the work on "dual key" cryptography
by British government cryptographers in the early 1970s will want to read
Jame Ellis' fascinating paper, published last December by the British
government, at: http://www.cesg.gov.uk/ellisint.htm  There was also a brief
but helpful NYT article by Peter Wayner, available at:
http://www.nytimes.com/library/cyber/week/122497encrypt.html

	There have doubtless been numerous breakthroughs and great
inventions in the shadowy world of government cryptography. Unfortunately,
the hostility of this (and most governments) have shown toward allowing
such privacy-enabling technologies to fall into the hands of mere citizens
will probably mean that we will have to wait for those inventions to be
rediscovered and thus made available to the free world by others.

	I think we were all lucky that public key crypto -- the necessary
foundation for on-line electronic commerce, which in turn is seen by many
as potentially the economic engine for 21st Century -- was discovered, or
rediscovered, by mere citizens who looked first to its personal and
commercial implications.

	I don't think there was a chance in hell that GCHQ, or the NSA
(which also claims to have separately discovered PKC ten years before

Hellman and Diffie conceived of it) could have recognized its personal or
commercial potential... or would have allowed it to come into the
widespread use we see today if, perchance, they _had_ foreseen that
potential.

	Please feel free to post this. Thanks again for all your work
collecting the treasure trove of documents you have at jya.com.  It's an
invaluable resource.

	Surete,

		_Vin

-----
"Cryptography is like literacy in the Dark Ages. Infinitely potent, for
good and ill... yet basically an intellectual construct, an idea, which by
its nature will resist efforts to restrict it to bureaucrats and others who
deem only themselves worthy of such Privilege."
_ A thinking man's Creed for Crypto/ vbm.

*     Vin McLellan + The Privacy Guild + <vin@shore.net>    *
  53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548

[End Forward]

* See report: http://jya.com/rced-98-126.txt  (184K)