1995-09-20 - PKP Lawsuit Settled: Both Sides Claim Victory

Header Data

From: Bruce Schneier <schneier@winternet.com>
To: cypherpunks@toad.com
Message Hash: 1e31fddc2886d8beb9db6185d81e89af8861dd03e556bb1f28b51fcc762b0da8
Message ID: <199509202038.PAA13656@icicle>
Reply To: N/A
UTC Datetime: 1995-09-20 20:38:31 UTC
Raw Date: Wed, 20 Sep 95 13:38:31 PDT

Raw message

From: Bruce Schneier <schneier@winternet.com>
Date: Wed, 20 Sep 95 13:38:31 PDT
To: cypherpunks@toad.com
Subject: PKP Lawsuit Settled: Both Sides Claim Victory
Message-ID: <199509202038.PAA13656@icicle>
MIME-Version: 1.0
Content-Type: text



It looks as though the PKP suit is finally over, with both sides claiming
victory.  Is the decision public?  Can someone in California get a copy of
it and find out what really was decided.

Bruce
*****************************************************************************
    SUNNYVALE, Calif.--(BUSINESS WIRE)--Sept. 18, 1995--An  Arbitration Panel
has determined that RSA Data Security Inc.  licensed software products,
practicing public-key technology to  third parties without the legal rights
necessary to the patents  covering the technology. 

   The decision, issued on Sept. 6, 1995, came in a binding  arbitration
between RSA and CYLINK Corp., which formed the  partnership known as Public
Key Partners (PKP) on April 6, 1990. The purpose of forming PKP was to
establish a security standard and  jointly license security patents to leading
vendors in the high-tech  industry. 

   CYLINK has indicated that it will enforce the binding decision  in Federal
Court. 

   "The ruling exposes everyone of RSA's OEM customers -- from the  time PKP
was formed in 1990 until the patents expire -- to the  liability for patent
infringement," said Robert Fougner, general  counsel, CYLINK. 

   "Because of the widespread interest in public key technology,  this ruling
has enormous implications for the entire high-tech  industry, impacting the
future of all electronic information  exchanges including electronic commerce
and banking.  The panel's  decision vindicates our position that RSA Security
Inc. has been  improperly licensing technology which they did not have the 
necessary rights to." 

   The fundamental patents covering public key technology  (Merkle-Hellman and
Rivest-Shamir-Adelman) had been held by the PKP  partnership since 1990. 
Effective Sept. 6, 1995, however, the  arbitration ruled that PKP was
dissolved and the broadest of the  public key patents (invented at Stanford
University and which cover  all known implementations of public key
technology) revert from PKP  back to CYLINK. 

   The panel further ruled that RSA Data Security Inc. could not  grant its
software customers the right to make any copies of  RSA-authored software
implementing Stanford public key technology.   

   In an order issued Sept. 12, 1995, the arbitrators said that "the intent of
the order is to clarify that to the extent a (RSA  software) licensee makes
copies of the code (whether source or  object), it is not protected as a
result of the order from a claim  that the making of such copies is a `making'
under the patent laws  upon which a claim for infringement of the Stanford
patents can be  based." 

   "Cylink will assert the rights to the Stanford patents  vigorously," said
David Morris, vice president of marketing, CYLINK. "The investors of public
key cryptography, especially Martin Hellman  of Stanford University, have
never gotten a fair return for their  ground breaking invention.  Since the
formation of PKP, RSA Data  Security Inc. had been granting software rights
which allowed  licensees to copy and modify the programs, but without paying
PKP or  the inventors a royalty for those rights."  

Arbitration Ruling  

   The Stanford University patents include the Hellman-Merkle  patent, the
first public key patent making the broadest claim of  cryptography, a security
technique that ensures privacy,  authentication and the integrity of
electronic information.  Because  the Hellman-Merkle patent claims cover all
implementations of public  key techniques, including the techniques known as
RSA. 

   To avoid risk of a patent infringement suit under the Stanford  patents,
any vendor who has purchased a license from RSA since April  6, 1990, or is
contemplating the purchase of an RSA license and is  distributing software or
hardware covered by the Stanford University  patents, must now obtain a
license to the Hellman-Merkle patent from  CYLINK for their continued use. 
Customers who would like to contact  CYLINK about existing and future licenses
should call Robert  Fougner, General Counsel, at 408/735-5800.  

Background Information:    
   On April 6, 1990, RSA and CYLINK formed PKP to establish a  security
standard, and jointly license security patents to leading  vendors in the
high-tech industry.  The security technology business  is unusual in that it
is based on patents to which only these two  companies have rights. 

   The patents originally developed at Stanford University  (Diffie-Hellman,
Hellman-Merkle and Hellman-Pohling) broadly claim  the invention of public-key
cryptography.  Another patent, invented  at MIT (Rivest-Shamir-Adelman) claims
a particular implementation of  public key cryptography using the algorithm
known as "RSA." 

   In 1994, CYLINK initiated the arbitration against RSA, claiming  that RSA's
licensing practices exceeded RSA's rights under the  patents and violated the
agreements forming PKP.  CYLINK further  claimed that it was denied a promised
license to the RSA patent when  PKP was formed.  Among other rulings, the
arbitrators ruled that an  April 1990 document grants CYLINK a patent license
to the RSA  patent. 

   CYLINK Corp. is the world's largest provider of enterprise-wide  network
information security products and wireless communications.   Headquartered in
Sunnyvale, CYLINK serves Fortune 500 companies,  multinational financial
institutions and many international  government agencies.  

   --30--crd/sf* jar/sf  

CONTACT:  

Cylink Corporation, Sunnyvale 

Kim Rose, 408/774-6447
***************************************************************************
    REDWOOD CITY, Calif.--(BUSINESS WIRE)--Sept. 19, 1995--An  Arbitration
Panel recently ruled that Cylink does not have a license  to RSA patented
technology, that RSA's software licensing practices  do not breach any
agreement with Cylink or its wholly owned  subsidiary Caro-Kann and that RSA
now has the exclusive right to  license the RSA patent.   

   In a Sept. 6, 1995 ruling, an Arbitration Panel, formed by  agreement of
the parties, and after nearly a month of testimony,  ruled in favor of RSA on
every significant issue.  The Panel held  that neither Cylink nor Caro-Kann
had a license to practice RSA  patented technology.  Cylink admittedly
incorporates this technology  in its Secure X.25 product line, without any
license to do so.   

   The Panel also found that RSA's software licensing practices did  not
materially breach any of Cylink's rights.  The Panel did not rule that anyone,
(specifically including RSA and its software customers)  infringed any
existing patent rights of anyone - including Cylink.   

   As a result of the Panel's ruling, RSA now has the exclusive  right to
license the patented RSA technology.  According to Jim  Bidzos, the President
of RSA, "RSA will continue to conduct its  software business in exactly the
same way that it has for the past  ten years.   

   "In addition, RSA anticipates that licenses to the RSA Patent  will now be
much more readily available, because they now can now be  granted without
Cylink interference.  RSA has all of the intellectual property rights which it
needs to license its software.  RSA will  vigorously defend against any claim
to the contrary."   

   A recent Cylink press release on the Ruling of the Arbitration  Panel is
wildly inaccurate.  The same Robert Fougner (Cylink's  General Counsel) who is
cited in the Cylink press release has  repeatedly made express representations
to third parties that the  Stanford Patents do not cover, and are not
infringed by, the  manufacture, use or sale of products incorporating RSA's
TIPEM  software developer's toolkit.   

   As noted by Mr. Bidzos: "Cylink lost every single significant  issue in the
Arbitration.  Their press release was simply an attempt  to cover up what has
been a crushing defeat."   

   Questions regarding the Arbitration Panel Ruling or RSA licenses  should be
directed to Kurt Stammberger, RSA Technology Marketing  Manager, or Paul
Livesay, RSA Director of Legal Affairs.    

   --30--as/sf*  

CONTACT:  

RSA 

Kurt Stammberger, 415/595-8782 

kurt@rsa.com





Thread