[tptacek]

Not true at all. Cryptography Research has patented most of the implementation techniques required to do hardware crypto without being susceptible to differential power analysis (btw: that? My favorite business model ever!). That was almost pure systems research.

[Psyonic]

What is the business model associated with differential power analysis? Why is it your favorite?

[tptacek]

They discovered a horrible, systemic vulnerability and then patented most of the effective defenses for it. It's pure evil genius.

[JCLevesque]

And that's why patents are broken.

[tptacek]

Strong disagree. They found the vulnerability. It is a remarkably interesting attack. Without their work, we'd just be silently vulnerable to the problem. I think (for instance) the DPA patents are a decent example of good-faith patents.

RSA was patent-encumbered for a long time too. You can formulate a similar argument about that. "RSA makes systems safer [ed: no it doesn't, but continuing...], so it's wrong to allow it to be patented".

[gjm11]

I think there are some steps missing in your argument. It seems to go something like this: (1) CR found the issue, spotted a business model, patented all the best solutions, and told the world. (2) Without patents, CR wouldn't have done this. (3) So without patents, no one would have done it. (4) So without patents, we'd all be silently vulnerable to a very general, very clever side-channel attack.

The step from (1) to (2) seems doubtful. If the CR people hadn't been able to patent a bunch of ways to deal with DPAs, they might none the less have published about them. It's not as if no one ever tells the world about a security vulnerability without a patent-based incentive.

The step from (2) to (3) seems doubtful. It seems more likely that without CR, sooner or later someone else would have thought of differential power attacks and published about them. Unless CR are just much much smarter than everyone else -- in which case, the guys in black hats would have been just as much worse off as the guys in white hats.

The step from (3) to (4) is OK, with the proviso I just mentioned: it seems that the obvious way for (3) to be true would tend to make the vulnerability matter much less.

[tptacek]

Regarding (2) to (3): sorry, I think it is --- in large part --- the fact that CRI is just much much smarter. They're a peculiar company: they do real-world implementation and high quality research. Yes, there are Dan Bernsteins and Dan Bleichenbachers in the world, but for the most part those people don't get a lot of exposure to custom hardware.

Regarding (1) to (2): sure, maybe CRI would have published even without compensation. Just like maybe I'd do my job part-time for free anyways even if I wasn't getting paid. You can say that for anyone who's doing what they love: musicians, lawyers, architects. But what's the win for not compensating CRI? Huge consumer electronics companies have to pay slightly less NRE to build new products. I'd rather have CRI in the world.