1. Warlack's Avatar
    http://www.technologyreview.com/news...curity-crisis/

    RSA and Diffie-Hellmann security algorithms will be broken in the near future. BlackBerry has bought Certicom which has the patents for the new ECC encryption which will have to be adopted by virtually everybody.

    Together with the DOA deal, they have received clearance for, I don't worry about BlackBerry.

    Posted via CB10
    08-09-13 12:04 PM
  2. jpvj's Avatar
    Math Advances Raise the Prospect of an Internet Security Crisis | MIT Technology Review

    RSA and Diffie-Hellmann security algorithms will be broken in the near future.
    Hold your horses now... the article states "Our conclusion is there is a small but definite chance that RSA and classic Diffie-Hellman will not be usable for encryption purposes in four to five years". This is based on the assumption that somebody *might* have a breakthrough and provide a quite efficient algorithm for solving the discrete logarithmic problem.

    Normally encryption algorithms or hash functions are "retired" when researchers seems to find week spots. Usually it happens in small steps, but soving the DLP would be huge.

    I doubt BlackBerry would sit back and wait for this to happen. If it happens, it should be concidered a nice bonus ...
    DoktorFace likes this.
    08-09-13 12:30 PM
  3. kfh227's Avatar
    Safe primes gave an interesting history.

    USA government said to use them. 20 years later someone figured out why.



    Posted via CB10
    08-10-13 10:59 PM
  4. kfh227's Avatar
    Regarding ecc, how long are the patents good for?


    Posted via CB10
    08-10-13 10:59 PM
  5. merv69's Avatar
    Who knows, they might enforce it like they do the patent for USB charging which they have exclusively.

    Via my Zormtrooper...
    08-10-13 11:02 PM
  6. amazinglygraceless's Avatar
    Math Advances Raise the Prospect of an Internet Security Crisis | MIT Technology Review

    Together with the DOA deal, they have received clearance for, I don't worry about BlackBerry.
    Am I the only one who finds humor in this guy not being worried about BlackBerry while touting a DOA (dead on arrival) deal (I'm assuming you slipped and meant DoD)
    kbz1960 and yruz2bu like this.
    08-10-13 11:40 PM
  7. merv69's Avatar
    Am I the only one who finds humor in this guy not being worried about BlackBerry while touting a DOA (dead on arrival) deal (I'm assuming you slipped and meant DoD)
    Now that you pointed it out, lolz

    Via my Zormtrooper...
    08-10-13 11:58 PM
  8. McIrish's Avatar
    I just ran across this on another web site. very interesting. If other encryption options are cracked in the near future, Blackberry stands to be quite well off just licensing ECC to others. Intriguing....
    08-22-13 01:19 PM
  9. howarmat's Avatar
    yes in a few years.....BB needs something now. If BB gets bought then this would be part of the break up of the company and someone else probably ends up with the "goldmine"
    JeepBB likes this.
    08-22-13 01:33 PM
  10. bbfanboi007's Avatar
    yes in a few years.....BB needs something now. If BB gets bought then this would be part of the break up of the company and someone else probably ends up with the "goldmine"
    Key word: "if." we are talking about now. BlackBerry has this now. Gee, think BBRY might be just a tad bit undervalued?

    What if they go private or find a good business partner or two? What then?

    Either way, the shorts get absolutely slaughtered which will be sweet to watch.
    08-22-13 08:38 PM
  11. sha_sa2's Avatar
    ECC's founder Scott Vanstone got fired by Blackberry 2 years ago.
    08-23-13 12:22 AM
  12. anon1727506's Avatar
    Goldmine?

    How much gold is down there? To get the real value out of a Gold Mine, you have to get the gold out of the ground, if you are unable to do that you can try selling the whole mine. It might have value as a "potential" source of riches - but a buyer isn't going to pay top dollar for the Mine until he knows how much gold is down there, what it will cost to remove it, to refine it and to ship it out and to finally sell it - either at wholesale or retail prices.

    So yes BalckBerry might be sitting on a GoldMine - doesn't necessarily mean that they are going to get the full potential out of it.
    Troy Tiscareno likes this.
    08-23-13 09:55 AM
  13. m1a1mg's Avatar
    I wanted to get smarter about this issue and found this in my search. It's a response to a blog question.

    ECC patents are more about implementation techniques than the actual mathematical objects. Using elliptic curves for cryptography has been theorized and published in 1985, and patents live for only 20 years, so using elliptic curves is, per se, patent-free since 2005 (whether such patents would have held in court is unclear, but now these do not apply anymore).

    It has been said that the implementation of ECC in OpenSSL has been contributed by Sun Microsystems who took great care, in that time, not to use any implementation technique covered by any patent. In that sense, using OpenSSL will keep you free of the shark-infested patent waters. Note that nobody (and certainly not me) is guaranteeing that there won't be any patent-related legal trouble if you use OpenSSL (there are people who sue other people for a living, whether their case is valid or not), but this seems improbable. About half the Web today is powered by Apache+OpenSSL, and ECDHE support (hence elliptic curves) is enabled by default. If there was profit to make by suing people who use OpenSSL, the environment is so target-rich that the trial-feast would have already begun for good -- and that is not happening.

    ECC patents which might still be applicable are mostly about some optimizations of implementation of computations over curves in binary fields, in particular Koblitz curves and normal bases. See this previous answer. You will not use that without knowing it, though.

    Stating that Certicom and other companies "own" the technology is, at best, debatable. These companies occasionally claim ownership. However, whether mathematical objects can be "owned" at all is unclear. And the 20-year patent clock ticks for everybody; anything which was published in 1993 or before is now, by construction, patent-free.


    public key infrastructure - What is the optimal result for the elliptic curve patent issue? - IT Security Stack Exchange
    JeepBB and anon1727506 like this.
    08-23-13 03:48 PM
  14. anon1727506's Avatar
    I wanted to get smarter about this issue and found this in my search. It's a response to a blog question.

    ECC patents are more about implementation techniques than the actual mathematical objects. Using elliptic curves for cryptography has been theorized and published in 1985, and patents live for only 20 years, so using elliptic curves is, per se, patent-free since 2005 (whether such patents would have held in court is unclear, but now these do not apply anymore).

    It has been said that the implementation of ECC in OpenSSL has been contributed by Sun Microsystems who took great care, in that time, not to use any implementation technique covered by any patent. In that sense, using OpenSSL will keep you free of the shark-infested patent waters. Note that nobody (and certainly not me) is guaranteeing that there won't be any patent-related legal trouble if you use OpenSSL (there are people who sue other people for a living, whether their case is valid or not), but this seems improbable. About half the Web today is powered by Apache+OpenSSL, and ECDHE support (hence elliptic curves) is enabled by default. If there was profit to make by suing people who use OpenSSL, the environment is so target-rich that the trial-feast would have already begun for good -- and that is not happening.

    ECC patents which might still be applicable are mostly about some optimizations of implementation of computations over curves in binary fields, in particular Koblitz curves and normal bases. See this previous answer. You will not use that without knowing it, though.

    Stating that Certicom and other companies "own" the technology is, at best, debatable. These companies occasionally claim ownership. However, whether mathematical objects can be "owned" at all is unclear. And the 20-year patent clock ticks for everybody; anything which was published in 1993 or before is now, by construction, patent-free.


    public key infrastructure - What is the optimal result for the elliptic curve patent issue? - IT Security Stack Exchange

    Sounds like there isn't any gold down in the mine after all....
    JeepBB likes this.
    08-26-13 08:52 AM
  15. Hilman76's Avatar
    I think the author meant a landmine rather than a goldmine
    08-26-13 02:14 PM

Similar Threads

  1. Will we need a BIS plan when BBM goes free to ios and android?
    By elgranchuchu in forum General BBM Chat
    Replies: 13
    Last Post: 10-22-13, 09:02 PM
  2. Replies: 7
    Last Post: 09-05-13, 11:57 PM
  3. Writing a "Resistor Code" App for BB 10 and Playbook!
    By Tayeb786 in forum BlackBerry OS Apps
    Replies: 2
    Last Post: 08-09-13, 05:18 PM
  4. Schedule Anything (schedules + time tracking = you're on time)
    By jx01010110 in forum App Announcements
    Replies: 2
    Last Post: 08-09-13, 02:55 PM
  5. We are Seeing Dust Under Screen in Lots of New BB 9320!
    By Noob admin in forum BlackBerry Curve 9220/9320
    Replies: 2
    Last Post: 08-09-13, 02:17 PM
LINK TO POST COPIED TO CLIPBOARD