PKWare Files a Patent Application for Secure .zip 281
prostoalex writes "The battle of ZIP formats might intensify as PKWare filed an application with USPTO to obtain a patent on its Secure Zip technology, which pretty much involves archiving with strong cryptography. If the patent gets granted, PKWare will license its algorithms for other software manufacturers. A representative of Aladdin Systems summed it up: "The good thing about the .zip file format was that you knew you could send it to everyone. Now that's getting broke.""
Re:Use PGP (Score:5, Interesting)
7-zip (Score:5, Interesting)
just another example... (Score:5, Interesting)
seems like a familiar story to me.
Re:7-zip (Score:1, Interesting)
gzip? (Score:2, Interesting)
Hell, even the "pirates" and "hackers" are using something else (rar, ace).
Re:just another example... (Score:3, Interesting)
encrypting version of gnu tar (Score:5, Interesting)
There's also a Usenet thread about encrypting archive programs [google.com] including some modified Zip programs.
i thought good cyphertext can't be compressed (Score:3, Interesting)
Re:Use PGP (Score:3, Interesting)
A strong encryption process shouldn't need compression for security. But compression can easily improve the speed of the encryption, since if you compress the text that means that much less text to encrypt (and compression is usually a lot faster than encryption).
help, I don't understand (Score:5, Interesting)
2.In May of this year, WinZip developed its own method of strong encryption, which incompatible with the PKWare product.
3.Crawford believes that WinZip will be a potential licensee. "The basic approach of combining encryption of.zip is covered by the patent, so what WinZip has done, I believe, would be covered by the patent."
If 3 is true, 2 is clearly prior art. So why patent?
There is something rotten in IP kingdom.
Re:The next widespread compression (Score:4, Interesting)
Re:No, that's not the reason (Score:3, Interesting)
The problem (if it is indeed a problem) is that compressing the data may, in practice, be as hard as decrypting the data.
Re:just another example... (Score:4, Interesting)
Except Katz didn't innovate that much. (Score:5, Interesting)
Except that they started out in hell, because their founder ripped off Thom Henderson's ARC to make his original program.
Back in the BBS days, we were all rallied to support good ol' Phil against the evil Big Company, System Enhancement Associates, who was suing to keep Phil's faster PKARC from eating the original ARC program's lunch. BBS sysops were encouraged to boycott ARC. It worked. It ruined System Enhancement Associates.
Except the funny thing is, SEA was right. They won the lawsuit because Katz hadn't just reimplemented ARC, he stole their source code. That always gets left out of the retelling, even though the reason ZIP exists as a format is because Katz was ultimately prevented from using the ARC format and compression routine. The reality is also that even then, PKWare was a bigger company than SEA ever was. ARC was a commercial program, but had a very unusual license (for the time) allowing people free access to the source code if they wanted to port it to non-DOS platforms. Katz baldly abused this license and, in the end, got away with it. ZIP did end up with an improved compression scheme which I presume PKWare came up with, although there's some evidence that the all-but-ignored ARC 7 outperformed it. (PKARC was, IIRC, based on ARC 5.)
Ben Baker has a description of the history [esva.net] of this whole affair at the website of Thom Henderson (ARC's author). Henderson also has his own commentary, which I would describe as "gently acid."
Re:Use PGP (Score:2, Interesting)
The main reason I picked 1 gig as an arbitrary number when starting a thread is this: I came up with a backup system that backs up the files on the network I admin. This can create a severe security hazard. For instance I have accounting, HR, and management's files all on the same computer - this would be a jackpot if anyone busted through our firewall and managed to hack the backup server itself - which is moderatly secure.
So compression is a must where I work because backups are exported to remote locations (via sftp or whatever). But the question is - how do I secure this stuff, and if a user blows up their machine or mor likely wacks a few files, how do I get the file back, and how long does it take until I can give it back. A "secure" zip might not be much faster zipping and may not do as good with compression, but getting one file back is a hell of a lot easier.
btw, I do essentially just bzip > openssl aes for now
Re:PKZIP is irrelevant now, anyway. (Score:1, Interesting)
> the dawn of time, but SEA sued Phil Katz for using it.
Incorrect. SEA sued Phil Katz for using their source code illegally in violation of their license agreement. SEA made ARC open source and permitted you to port it to any platform you wanted as long as you kept it free. They were also selling the DOS version. Phil Katz copied their source, rewrote the core in assembly instead of C, and then advertised how much faster his code was in in magazine adds selling it.
http://www.esva.net/~thom/baker.html
Re:PK (Score:3, Interesting)
He basically stole it.
[esva.net]
http://www.esva.net/~thom/philkatz.html
Any karma really belongs to the person who posted this last time it came up on slashdot, but I thought this should be mentioned at +2.
A modest proposal (Score:2, Interesting)