Diffie and The Troll

Not a rock band.

Whitfield Diffie is something of a legend in the public key crypto field — best described as an obscure corner of an otherwise arcane art form. Recently, he was brought down to West Texas to testify as an expert witness in a patent trial: Newegg vs patent troll TQP Development. TQPD was claiming that Newegg violated their patents on combining SSL with the RC4 cipher. As in any patent trial, much of the discussion revolves around prior art, in this case of public key encryption, and whether or not the patent was a valid one. My take on this whole game is that the US Patent Office examiners are incompetent bureaucrats, mostly concerned with getting their quotas filled, and so the only real examination of patents these days is in court.

There ensued a soon-to-be-classic exchange, which appears in almost every word cloud in the blogosphere this week:

“We’ve heard a good bit in this courtroom about public key encryption,” said Albright. “Are you familiar with that?”

“Yes, I am,” said Diffie, in what surely qualified as the biggest understatement of the trial.

“And how is it that you’re familiar with public key encryption?”

“I invented it.”

Diffie’s testimony was so powerful that Newegg rested its case, without calling a witness on potential damages. That, as it turned out, was a bad idea, since the troll-friendly folks of Marshall, Texas (who have turned exploiting our broken patent system into a cottage industry), decided that the patent was good, and Newegg had infringed it, to the tune of $2.3million. Newegg is, of course, appealing.

But that’s not what makes this case interesting to me. What makes the case interesting is what’s revealed by TQPD’s attempts to discredit Diffie. They raised the issue that he didn’t really invent public key encryption in 1976, that the invention was made by Ellis and Williamson between 1969 and 1975. Diffie countered that their work was circulated in a secret memo in GCHQ (the UK equivalent of NSA), and that nothing was made public until after Diffie’s presentation at a world-wide conference. I draw two conclusions from this:

1. NSA and GCHQ are no friend of the Internet. They are willing to keep techniques hidden for almost a decade, techniques that, when independently invented, turned out to be critical for the development of Internet commerce. Corollary: Nothing that NSA and GCHQ says about the Internet can be trusted.

2. As with most things in the software field, when the right time comes, a problem and its solution will be in the air, floating around, discussed in universities and tech companies around the world. If not Ellis, then Diffie. If not Diffie, then someone else (who didn’t know what to do with it and sold it to TQPD). Corollary: The idea of awarding a patent for the solution to a problem that is obvious to the skilled practitioner, once that problem comes into focus, is ludicrous.


Tags: , , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: