From: Mike Rosing <cryptech@Mars.mcs.com>
Date: Tue, 12 Sep 95 17:34:40 PDT
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: Elliptic Curve Public Key Crypto available
In-Reply-To: <9509121658.AA00550@ch1d157nwk>
Message-ID: <Pine.3.89.9509121934.A15499-0100000@Mars.mcs.com>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 12 Sep 1995, Andrew Loewenstern wrote:

> What about NeXT's Fast Elliptic Encryption (FEE)?  Their research guy,  
> Richard Crandall, came up with major speedups to elliptic curve encryption.   
> In fact, there was a simple cryptosystem that shipped as a demo with NeXTSTEP  
> 2.0.  What was most interesting about this system was that it didn't store  
> any keys anywhere;  your public/private key pair was generated _on the fly_  
> from your passphrase every time you encrypted or decrypted....on a 25mhz  
> 68040 too...   and it was fast!  It wasn't that great of an implementation  
> (you _really_ need a lot of bits of entropy in that passphrase, and you can't  
> change your passphrase without changing your PK), but it shows how fast  
> NeXT's speedups are.  And this was in 1990...
> 
> I'm not sure if the speedups are patented, but you could try a literature  
> search.  If it really is fast then it could mean good things for servers that  
> need to do a lot of enrcyption/decrption for interaction with clients.

Yes, the speedups are patented.  Their system relied on very specific 
curves with very specific properties.  I purposly avoided coding up their 
method because of that.  Their method is described in patent #5,159,632 
dated Oct 27, 1992 and it uses a different equation (supersingular 
version) than what I implemented.  The price is slower speed, but with 
100 MHz processors you won't notice.

Patience, persistence, truth,
Dr. mike