lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 7 Feb 2014 10:46:29 -0500
From: Bill Cox <>
Subject: Re: [PHC] Never read a patent

On Fri, Feb 7, 2014 at 10:01 AM, Alan Kaminsky <> wrote:
> In their book "Practical Cryptography" (Wiley Publishing, 2003), pages
> 375-376, noted cryptographers Neils Ferguson and Bruce Schneier say this:
> "One word of advice: never read a patent. That's right. You'd think that
> reading patents to see what they cover is a good idea. It is not. If you
> infringe on a patent without having known that you did so, you may end up
> paying damages to the patent holder. But if they can prove that you
> willfully infringed (because you knew about their patent), you may end up
> paying triple damages. So if you read a patent, you automatically increase
> your liability for infringing that patent by a factor of three.

I agree with him for many cases.  For example, when I write new code
at work for solving just about any problem, I never search for
patents.  I doubt many of us can write a page of code full of any
new-ish ideas without violating somebody's patent, and we'd spend more
time doing patent searches than coding if we tried to stay

However, the winning PHC entry will be analyzed pretty carefully by
most patent holders in the space.  Because of this, I think we should
try to search for patents covering our new-ish ideas.  I think the
winning entry should be able to pass a quick patent database search.

I just searched for compute-time hardening using multiplication
operations to discourage ASIC attacks, and came up empty, so I think
I'm OK there.  I did a quick search for Catena's client-independent
update and came up negative, but I didn't look very hard.  "garlic"
and "password" do not yet appear together in any patent application,
so far as I can tell.  Scrypt shows up in only 3 patent applications,
but none of them seem to focus on key derivation.  I think this is all
pretty good news for PHC entries.  The only real bummers so far are
the Halting Password Puzzles and the patent on using stronger KDFs
runtimes on weaker passwords.  I'm also bummed about a patent on
storing fake user accounts with weak passwords in the password
database as a strategy for detecting when the database has been leaked
to brute-force attackers.  This shouldn't impact the PHC, but it's
still a bummer.  It's one of those good ideas that now will be locked
away for 20 years when we need it most.  Software patents are such a
bad idea...


Powered by blists - more mailing lists