What Would You Do With a New Form of Encryption?

Kip Knight asks: "I've been sitting on an invention for six months now. I'm debating whether to 'give it to the world' or patent it. I would obviously like to feed my family on the fruits of my endeavour but don't see much hope in the open source route. My invention improves upon the 80 year old One-Time Pad encryption turning it into a 'Many-Time Pad'. Since I haven't got my export license to speak about the details yet, I won't describe further. The advantages are proof (i.e. unbreakable) against brute force attacks and known-plaintext attacks (unlike the OTP). The disadvantage is carrying around a very large digital key (which could easily fit on one of those USB memory key fobs). My question is this: Could I sell enough $10 shareware GPG extensions to compensate for not locking in 20 years of patent protection (and the $20,000 to patent it)?" While the claims made by the submittor have yet to withstand the crucial test of time (and prying eyes), if you had developed a new form of encryption, what would you do?

Two recommended routes:

[Anonymous Coward]

two recommended routes:
- call USPTO and ask for assistance
- call NSA and ask for a job

'Many-Time Pad'

[wiredog]

Yeah. Right. Let me guess. It's a one time pad, but one where the unused code groups get remapped/reused, which is just another type of one time pad.

I'd patent it

[pavera]

Patent it!
let gpl programs use it for free,
charge commercial companies
best of both worlds

Careful what you say

[harrisj]

From my somewhat scanty introduction to patent laws, you might want to be careful about how much you reveal about it before you file a patent or at least provisional paperwork. My company recently did work to patent a product and we were told we couldn't really discuss it with many people. Furthermore, doing an openly public action such as showing it at a trade show before applying the patent would seriously jeopardize the patent process. Now I'm not a lawyer or an expert in patent law, so I can't really say how valid an objection this is, but I'm sharing it here in case it's relevant. If it is correct, I want you to be able to decide whether to patent and not have it decided for you. (Any real experts have a better assessment).

Eat your cake...

[thrillbert]

Just because you patent the information, does not mean that it cannot be made available to the Open Source community. There is plenty of software out there that is available for free for personal use, but requires licensing for business use.

Patenting the software will ensure that *YOU* get some of that dough, while ensuring that *YOU* decide how it is going to be used, and who will use it. If you do not patent it, chances are that someone else will figure out a way to patent something extremely similar to it, and then charge *YOU* to use your software.

If you need some help with the $20k, let me know. I am almost sure you can raise it by asking 1000 /.'ers for $20 each.. I know I'll be more than happy to help!

---
Children seldom misquote you. In fact, they usually repeat word for word what you shouldn't have said.

Re:Easy.

[twilightzero]

The above post definitely has this one right. Patent it, that way somebody else can't steal the idea and claim they invented it and make YOUR profit from it. That being done, you can easily distribute it freely to the masses for common use, or sell shareware, or whatever. If it's really as good as you claim, you shouldn't have problems selling $10 or whatever shareware licenses. Also, if it's that good, corporations would be climbing all over you for access to it. You could charge a very reasonable fee for its use, even allow yourself to be hired as a security consultant/whatever, and make your profit from it.

I realize it's an up-front cost for patenting, but look at the alternative: someone stealing/adapting your invention and making the money that YOU could've had. Don't let that happen to you. And if it's really that good, there are services out there that will help you patent inventions, although I will admit to not being entirely familiar with them having never patented something myself.

Re:Well

[Anonymous Coward]

>>1. Patent new encryption algorithm.
>>2. Sell to highest bidder.
>>3. ???
>>4. Profit.

Why do people keep doing this!? Step 2 is where the profit comes from!! There is no unknown step three here, Sell to highest bidder == profit

Sorry, I think I've finally cracked from all the Step 123 and beowulf posts.

Re:Easy.

[UnanimousCoward]

It is interesting to me all of the highly-marked comments suggest the patent route whereas the general tenor of /. discussions concerning patents is that THEY ARE BAD. What gives? Is it that the "little guy" is not as likely to abuse the patent process? That's hardly relevant, especially if you subscribe to Knuth and Ullman (as noted in this [slashdot.org] /. posting).

Re:Why patent?

[Frobnicator]

Actually the Government can sidestep a lot of patent issues. Just as with PKE, they can say "we already knew about it and were using it, so we don't have to pay royalties".

But I don't think your comment really relates to the actual question he asked: do I patent [thing x] and hope to make enough money in a commercial world, or do I release shareware plugins?

frob.

Does he know what he's talking about?

[tstoneman]

He said it is "unbreakable" against brute-force attacks? Huh? You can't be unbreakable against brute-force attacks because brute-force is guaranteed to work, as long as you have enough time! Brute force means that you try every single possible key! What is he talking about? He also says that One-Time pads are vulnerable against known-plaintext attacks. Huh??? The whole point of one-time pads is that you do not have any known plaintext because it's a one-time pad!!! It's used once and then discarded!!! I have a feeling we're talking to an encryption rookie that really doesn't know what he's doing.

Get a *provisional* patent

[HEbGb]

I'm surprised no one has mentioned this.

A provisional patent costs $85, and you don't need a lawyer. It essentially keeps your patent claim alive for one year, and establishes a filing date, allowing you to disclose the invention without (as much) fear of losing your rights.

Once you assess it's commercial viability, you can decide on the >$10k formal patent.

I've done this many times. It's definitely the way to go.

Re:learn to play the patent game

[Archfeld]

that is really putting your money where your mouth is :) If it gets broken it wasn't that good..if it stands up, can you BUY better advertisment ??

Re:Here's a quote...

[Anonymous Coward]

Cool link, I musta missed it the first time around. Anyone else notice that Schneier uses the word "evildoers" when talking about airplane security? Almost 2 years before Sept 11! He also talks about searching people based on stereotypes (ie, arab/middle eastern after 9/11). Aaaughhhhh!! Conspiracy!

The proof is all there, in the question about personal privacy: Bruce Schneier is Osama Bin Laden! Oh yeah, and George W is involved too (the whole evildoers connection).

Re:learn to play the patent game

[seann]

my guess is his encryption would probably turn a 5meg zip (a couple pdfs describing his work)
into a 1-20gig file
then he uses the cd key (a 700meg key file) to decrypt the data, and retrives the 5meg original file

so I don't think he'd go the usenet route because I believe his encrpytion makes the file to large.

Basic Misunderstanding

[kevinank]

I'm afraid you've fallen into a very common trap. You imagine that because a One Time Pad is unbreakable, that it is also 'the best' encryption imaginable. It isn't.

Encryption is the ability to spread a limited source of entropy over a broad amount of data. The One Time Pad simply recognizes that if you have equal amounts of entropy and data then you don't need a very good mixing algorithm; just XOR the data with the pad and voila, the data becomes unreadable.

The challenge of good algorithms is to limit the amount of entropy needed to generate unreadable text to as small a size as possible. Typical algorithms in use today will by changing a single bit in the key, ultimately flip about 50% of the encrypted output. Half of the bits is optimum. Fewer and your entropy isn't getting mixed in very well. More and your bit is just inverting the data.

If you really want to contribute to the world of cryptography, don't bother with encryption algorithms. The ones we have are quite good. Honestly. Instead you should try to figure out a new use for the basic operations in cryptography. We know how to protect content, add signatures, authenticate content, and do non-repudiation. We can encrypt for a small number of readers each with his own key, or for broadcast, we can build webs of trust, and hierarchies. Come up with a new use that makes as much business sense as digital signatures and you'll have something worth patenting.

Re:Easy.

[xWeston]

I heard another good way to date an invention is to send a letter to yourself (certified would probably be even better) with it in there and do not open the envelope. Doing this gives you a date and everything from the USPS

Try a patent SEARCH first...

[duffbeer703]

What you are suggesting has been done since the 70's at least.

Various entities create one-time pads based on cosmic waves or the behavior of radioactive items. They then produce a large pad and then re-use for a specified number of times by manipulating it with various algorithims. The algorithms are sent in a seperate one-time pad.

All of the major ideas in encyrption have existed for decades or centuries. Future advances will come algorithms that deliver degrees of randomness. Future flaws encyptions will come from subtle errors in those algorithims.

Re:Hehehehe

[rmdyer]

Hmmm...

The standard disclaimer is that yes, a OTP -is- unbreakable. So the obvious solution is to create a secured connection with the OTP, then rotate in new pads through the transmission channel, replacing the pads at every transaction. You also need to make the pad sizes randomly variable. This should work, but you'd better have good ack/nak or once the pads get out of sync, you are hosed. Of course you could then create an algorithm for dropping-back to previously used pads until your clients regain sync, but that would be risky.

You also need to make sure your clients have good random number generators on each end. So you might create USB keychain drives with random number electronics that monitor weather conditions, magnetic direction, sound, etc, plus a user selected user input XOR seed.

The upshot of all this work would be that your session would slow considerably. The methods of securing connections are inversely proportional to the bandwidth required.

Rod

Re:If you want to make money, patent it

[Captain_Stupendous]

I agree. The question arises, however: If he patents it now, and peer review necessitates radical modifications of the source code / idea / whatever, does that invalidate the patent?

Re:Easy.

[jxs2151]

It is interesting to me all of the highly-marked comments suggest the patent route whereas the general tenor of /. discussions concerning patents is that THEY ARE BAD.

Note that when an individual patents, Slashdotters are happy. When a corporation patents, Slashdotters are unhappy. If an individual forms a corporation, he goes from good to bad. Slashdot logic. Kinda makes you wonder if all the business-bashers work for non-profits or are just hypocrites.

Re:Easy.

[Lonath]

Patents in general aren't bad. Patents on abstract thought are bad. You can't patent or copyright abstract thought. You can copyright expressions of abstract thought. You can patent the idea behind inventions. This is a religious issue, but I see software as mathematics, and therefore abstract thought. Even if it's used to do something in the "real world". Arguing that software should be patentable if it does something useful in the real world while arguing that abstract thought mathematical algorithms aren't patentable is like arguing that word problems are different from "Regular" math problems. It shows a fundamental lack of understanding of mathematics.

So only patent software if you believe that software isn't abstract mathematics which means that you fundamentally don't understand mathematics which means that there really isn't any way in which you could "promote the progress of the science and useful art" of mathematics, which means you really can't get a patent anyway since you don't understand the underlying subject matter.

Unless you don't care and you're willing to lie to the government to get something you really shouldn't have. Then all bets are off. It's a good thing corporations and people don't lie to try to make money.

This Is Not A New Method or Technique

[DoctorMabuse]

I have been using the Comscire Random Number Generator (which uses Johnson Noise from a resistor to generate the numbers) to build 512 byte pads onto a flash device for a cryptrographic application I sell to customers who need VERY secure communications. As long as the flashdevice is not physically compromised, this method is secure and unbreakable. The key is to have two machines on each side, one of which allows the user to create the plaintext and then encrypts it and a totally seperate machine that is connected to the Internet. The encrypted text is transferred to the Internet-connected PC via a CDR. That way the machine which has the plaintext and ciphertext copies is never connected to the net. Pads are selected via a pre-arranged mechanism.

Re:Get the patent...

[Alan Cox]

The patent won't do you any good. You sue anyone they'll sue you back for something meaningless. You go bankrupt they buy your patent for $1 at the bankrupcy auction.

On the other hand if you don't have it they may well just patent it and sue you anyway

And people wonder why western business is going down the toilet.

I have a much better suggestion, license it to someone cheap and use the money to train as a patent lawyer. There is no other future ...

a much more interesting question

[CoughDropAddict]

Say you managed to discover an algorithm that made factoring easy, to the degree that cyphers dependent on the intractability of factoring would be completely compromised. What would you do with with this extremely dangerous information?

The only reasonable action I could think of is to anonymously (through a dozen anonymous remailers) email a description of the algorithm to Bruce Schneier, entrusting him to proceed with this knowledge in whatever way he finds most prudent. I surely wouldn't want to be associated with the discovery and the calamity that would follow, and somehow I feel like Bruce Scheier could be trusted to act responsibly and intelligently.

Re:a much more interesting question

[epictetus]

I've thought about this myself. What I would do is post the algorithm, encrypted with a 64-bit key. Then I would use the algorithm to solve all the RSA public-key challenges. This would get the attention of the world, and get distributed.net and others working on cracking the 64-bit encryption. The clock would be ticking for vendors to find alternatives to public-key encryption. Meanwhile I would retire on the RSA rewards.

Re:Easy.

[ChadN]

Furthermore, I am confused by this sentence in Kip's posting:

The advantages are proof (i.e. unbreakable) against brute force attacks and known-plaintext attacks (unlike the OTP).

Which implies that the OTP is insecure with known-plaintext, or by brute-forcing, which is untrue for any correctly used OTP. So, either Kip Knight didn't express very well what he meant, or he is not as well versed in cryptography as he should be.

In any case, the proof is in the pudding. I remain skeptical of the claims.

Re:Easy.

[ParamonKreel]

The Problem with one time pads is that you have to distribute them via a secure channel... that's great if you can get a stack of DVD's to someone and keep them secure... but if you have a secure enought method to send the DVD's, why not just send your data that way too...

the problem with otp's isn't that they're breakable, it's the key distribution problem, a subset of the chicken and the egg problem.

Re:Easy.

[Bagheera]

Good point (as was the other response to this). I'm obviously not a patent attorney, but still have a less than sterling opinion of the current patent process. My point here is that there is a lot of effort required to patent an idea. There are patent searches, etc., to name just the most obvious. Putting the effort into patenting the new algorythm if you're not absolutely sure it's going to stand up to analysis is almost certainly not worth the expenditure.

If you're an experienced cryptologist, chances are you already know the chances your algorythm has of withstanding attack and analysis. But then you'd also have a good idea whether it was worth patenting - or the company you're working for will make the decision on whether or not to patent it.

And yes, RSA is a highly successful algorythm - created by three of the finest cryptologists in the business. It was patent protected, but had a reasonable license model for application development. If it hadn't, and hadn't been created by folks with a known track record, it wouldn't have gotten anywhere near as far.

I don't mean to put the original poster down at all here (being an amature (very amature) cryptologist myself) but if he's asking /. for our collective opinion, I seriously doubt he has the credentials required.

WORF

[Anonymous Coward]

in madison wisconsin there is a group that is called WORF. What they do is help inventors get patents, they are a non-profit organizations so they don't get anything from it. The restrictions are they will never sell the patent to a larger corporation. This means you will never be super rich for it, but you will get royalties from it.

Re:Easy.

[AvitarX]

I wouldn't say it's a myth and offers no protection. It gives you solid proof that on such and such a date you had such and such a device. If such and such a person you know steals the idea, you can prove that you had the idea on date x and if they cannot prove to have had it before then you have a start of a case that it was stolen. It is not total protection, but it is a piece of evidence.

Patenting it is useless

[defile]

Aside from the fact that the claim is incredible...

As other posters point out, everyone can develop their own ciphers that they think is unbreakable. It's not until massive peer review for many years before they become trusted as unbreakable, and thusly become of any value.

Attempting to patent a cipher before this is a waste of money, and patenting it after peer review is likely impossible.

Put it out for public scrutiny. At least you'll hold the copyright on the reference implementation and be recognized as the inventor, and don't blow $20,000+ just to have someone tell you your cipher is bogus/duplicate/pathetic. :)