From: "Scott Collins" <scott_collins@genmagic.com>
Date: Fri, 23 Oct 92 00:06:14 PDT
To: "Cypher Punks" <cypherpunks@toad.com>
Subject: Diffie-Hellman
Message-ID: <9210230706.AA04122@relay2.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain


Subject:  Diffie-Hellman

>Since there's no perceived value and since all the software would
>require license from RSADSI, it won't happen that way.

It was not my understanding that RSA held any patents, copyrights or other controls
over Diffie-Hellman key exchange.  The 'big-number' math required is not
difficult and is fully documented in Knuth's "The Art of Computer Programming",
vol2: Seminumerical Algorithms; section 4.3: Multiple Precision Arithmetic. 
Also note that this multiple precision code is available in the PGP source in
the file mpilib.c.

The exchanged key could easily be a DES (or other fast symmetric cypher) key --
and usually is.  Unless you want to perform an authenticated key exchange with
Diffie-Hellman as described in "Authentication and Authenticated Key Exchanges" [Diffie,
Van Oorschot and Wiener in "Designs, Codes and Cryptography", 2, 107-125 (1992)]
using certificates signed with the RSA algorithm, then RSA doesn't have to enter
the picture at all.

Is my understanding of RSAs controls incorrect?