---

VNU Net: RSA releases encryption code

By John Leyden, VNU Net

RSA Security has released its public key encryption algorithm
into the public domain, in a move that fires the starting gun for
increased competition in ebusiness security.

The RSA algorithm is widely considered the standard for
encryption and the core technology that secures the vast majority
of ebusiness transactions. However, the move comes two weeks before
RSA Security’s patent rights expire, and has been dismissed by
competitors as an empty gesture.

The release of the RSA algorithm into the public domain will
allow anyone to create products that incorporate their own
implementation of the algorithm, although they have to pay RSA
Security to use it.

The US patent for the RSA algorithm was issued to the
Massachusetts Institute of Technology on 20 September 1983. It is
licensed exclusively to RSA Security and expires on 20 September
2000.

“So much misinformation has been spread recently regarding the
expiration of the RSA algorithm patent that we wanted to create an
opportunity to state the facts,” said Art Coviello, chief executive
officer of RSA Security.

“RSA Security’s commercialisation of the RSA patent helped
create an entire industry of highly secure interoperable products
that are the foundation of the worldwide online economy.

“Releasing the RSA algorithm into the public domain now is a
symbolic next step in the evolution of this market, as we believe
it will cement the position of RSA encryption as the standard in
all categories of wired and wireless applications and devices,”
added Coviello.

Tom Fawcett, security analyst at Frost & Sullivan, said RSA
Security has diversified and does not rely on the patent for
revenue, but the open availability of the RSA algorithm will
increase competition.

“The expiry of the patent means more innovation, because it
gives an opportunity for small developers who might not have able
to afford to pay royalties to RSA Security,” he said.

Paddy Holahan, executive vice president of marketing at rival
Baltimore Technologies, described the move as “too little, too
late”.

He explained that, among other things, the patent’s expiry will
allow Baltimore to see its development toolkits in competition to
those of RSA Security in the US for the first time.