From: Bruce Schneier <schneier@winternet.com>
To: cypherpunks@toad.com
Message Hash: 1e31fddc2886d8beb9db6185d81e89af8861dd03e556bb1f28b51fcc762b0da8
Message ID: <199509202038.PAA13656@icicle>
Reply To: N/A
UTC Datetime: 1995-09-20 20:38:31 UTC
Raw Date: Wed, 20 Sep 95 13:38:31 PDT
From: Bruce Schneier <schneier@winternet.com>
Date: Wed, 20 Sep 95 13:38:31 PDT
To: cypherpunks@toad.com
Subject: PKP Lawsuit Settled: Both Sides Claim Victory
Message-ID: <199509202038.PAA13656@icicle>
MIME-Version: 1.0
Content-Type: text
It looks as though the PKP suit is finally over, with both sides claiming
victory. Is the decision public? Can someone in California get a copy of
it and find out what really was decided.
Bruce
*****************************************************************************
SUNNYVALE, Calif.--(BUSINESS WIRE)--Sept. 18, 1995--An Arbitration Panel
has determined that RSA Data Security Inc. licensed software products,
practicing public-key technology to third parties without the legal rights
necessary to the patents covering the technology.
The decision, issued on Sept. 6, 1995, came in a binding arbitration
between RSA and CYLINK Corp., which formed the partnership known as Public
Key Partners (PKP) on April 6, 1990. The purpose of forming PKP was to
establish a security standard and jointly license security patents to leading
vendors in the high-tech industry.
CYLINK has indicated that it will enforce the binding decision in Federal
Court.
"The ruling exposes everyone of RSA's OEM customers -- from the time PKP
was formed in 1990 until the patents expire -- to the liability for patent
infringement," said Robert Fougner, general counsel, CYLINK.
"Because of the widespread interest in public key technology, this ruling
has enormous implications for the entire high-tech industry, impacting the
future of all electronic information exchanges including electronic commerce
and banking. The panel's decision vindicates our position that RSA Security
Inc. has been improperly licensing technology which they did not have the
necessary rights to."
The fundamental patents covering public key technology (Merkle-Hellman and
Rivest-Shamir-Adelman) had been held by the PKP partnership since 1990.
Effective Sept. 6, 1995, however, the arbitration ruled that PKP was
dissolved and the broadest of the public key patents (invented at Stanford
University and which cover all known implementations of public key
technology) revert from PKP back to CYLINK.
The panel further ruled that RSA Data Security Inc. could not grant its
software customers the right to make any copies of RSA-authored software
implementing Stanford public key technology.
In an order issued Sept. 12, 1995, the arbitrators said that "the intent of
the order is to clarify that to the extent a (RSA software) licensee makes
copies of the code (whether source or object), it is not protected as a
result of the order from a claim that the making of such copies is a `making'
under the patent laws upon which a claim for infringement of the Stanford
patents can be based."
"Cylink will assert the rights to the Stanford patents vigorously," said
David Morris, vice president of marketing, CYLINK. "The investors of public
key cryptography, especially Martin Hellman of Stanford University, have
never gotten a fair return for their ground breaking invention. Since the
formation of PKP, RSA Data Security Inc. had been granting software rights
which allowed licensees to copy and modify the programs, but without paying
PKP or the inventors a royalty for those rights."
Arbitration Ruling
The Stanford University patents include the Hellman-Merkle patent, the
first public key patent making the broadest claim of cryptography, a security
technique that ensures privacy, authentication and the integrity of
electronic information. Because the Hellman-Merkle patent claims cover all
implementations of public key techniques, including the techniques known as
RSA.
To avoid risk of a patent infringement suit under the Stanford patents,
any vendor who has purchased a license from RSA since April 6, 1990, or is
contemplating the purchase of an RSA license and is distributing software or
hardware covered by the Stanford University patents, must now obtain a
license to the Hellman-Merkle patent from CYLINK for their continued use.
Customers who would like to contact CYLINK about existing and future licenses
should call Robert Fougner, General Counsel, at 408/735-5800.
Background Information:
On April 6, 1990, RSA and CYLINK formed PKP to establish a security
standard, and jointly license security patents to leading vendors in the
high-tech industry. The security technology business is unusual in that it
is based on patents to which only these two companies have rights.
The patents originally developed at Stanford University (Diffie-Hellman,
Hellman-Merkle and Hellman-Pohling) broadly claim the invention of public-key
cryptography. Another patent, invented at MIT (Rivest-Shamir-Adelman) claims
a particular implementation of public key cryptography using the algorithm
known as "RSA."
In 1994, CYLINK initiated the arbitration against RSA, claiming that RSA's
licensing practices exceeded RSA's rights under the patents and violated the
agreements forming PKP. CYLINK further claimed that it was denied a promised
license to the RSA patent when PKP was formed. Among other rulings, the
arbitrators ruled that an April 1990 document grants CYLINK a patent license
to the RSA patent.
CYLINK Corp. is the world's largest provider of enterprise-wide network
information security products and wireless communications. Headquartered in
Sunnyvale, CYLINK serves Fortune 500 companies, multinational financial
institutions and many international government agencies.
--30--crd/sf* jar/sf
CONTACT:
Cylink Corporation, Sunnyvale
Kim Rose, 408/774-6447
***************************************************************************
REDWOOD CITY, Calif.--(BUSINESS WIRE)--Sept. 19, 1995--An Arbitration
Panel recently ruled that Cylink does not have a license to RSA patented
technology, that RSA's software licensing practices do not breach any
agreement with Cylink or its wholly owned subsidiary Caro-Kann and that RSA
now has the exclusive right to license the RSA patent.
In a Sept. 6, 1995 ruling, an Arbitration Panel, formed by agreement of
the parties, and after nearly a month of testimony, ruled in favor of RSA on
every significant issue. The Panel held that neither Cylink nor Caro-Kann
had a license to practice RSA patented technology. Cylink admittedly
incorporates this technology in its Secure X.25 product line, without any
license to do so.
The Panel also found that RSA's software licensing practices did not
materially breach any of Cylink's rights. The Panel did not rule that anyone,
(specifically including RSA and its software customers) infringed any
existing patent rights of anyone - including Cylink.
As a result of the Panel's ruling, RSA now has the exclusive right to
license the patented RSA technology. According to Jim Bidzos, the President
of RSA, "RSA will continue to conduct its software business in exactly the
same way that it has for the past ten years.
"In addition, RSA anticipates that licenses to the RSA Patent will now be
much more readily available, because they now can now be granted without
Cylink interference. RSA has all of the intellectual property rights which it
needs to license its software. RSA will vigorously defend against any claim
to the contrary."
A recent Cylink press release on the Ruling of the Arbitration Panel is
wildly inaccurate. The same Robert Fougner (Cylink's General Counsel) who is
cited in the Cylink press release has repeatedly made express representations
to third parties that the Stanford Patents do not cover, and are not
infringed by, the manufacture, use or sale of products incorporating RSA's
TIPEM software developer's toolkit.
As noted by Mr. Bidzos: "Cylink lost every single significant issue in the
Arbitration. Their press release was simply an attempt to cover up what has
been a crushing defeat."
Questions regarding the Arbitration Panel Ruling or RSA licenses should be
directed to Kurt Stammberger, RSA Technology Marketing Manager, or Paul
Livesay, RSA Director of Legal Affairs.
--30--as/sf*
CONTACT:
RSA
Kurt Stammberger, 415/595-8782
kurt@rsa.com
Return to September 1995
Return to “Bruce Schneier <schneier@winternet.com>”
1995-09-20 (Wed, 20 Sep 95 13:38:31 PDT) - PKP Lawsuit Settled: Both Sides Claim Victory - Bruce Schneier <schneier@winternet.com>