NIST is Threatening to Sue You With Patents on Mathematics (That Aren't Even Legal in the First Place) If They Don't Like You
Obey! Implement only what we allow you to (even if it has likely contained 'loopholes' - as in potential back doors - right from the very start, as a matter of intended design - as that seems so popular these days)
A couple of weeks ago we wrote about software patents in encryption standards - a subject scarcely if ever explored/debated in the media (nobody in "Linux" sites covered the latest patent attacks on GNU/Linux, except us).
This "post-quantum" (hype) publication from NIST is disturbing for several reasons: (local copy as the original will vanish one day)
It says (right there within purple boundaries, added by us): "The licenses were drafted such that any implementer of the CRYSTALS-KYBER algorithm as published by NIST receive the benefits of a grant to the licensed patents within the scope of a field of use limited to implementing CRYSTALS-KYBER as a PQC algorithm. The licensors agreed, on a royalty-free basis, to place into abeyance any right of enforcement of the licensed patents against any implementer or end-user of the algorithm."
That's some strange wording right there. Why are there any patents to begin with, more so after 35 U.S.C. § 101 and Alice (SCOTUS, 2014)? Does the U.S. Patent and Trademark Office (USPTO) continue to grant patents on algorithms under the leadership of its current Director, who worked for Microsoft in the past? It's bad enough that the USPTO now imposes de facto fines on anybody who does not use proprietary Microsoft formats with many patents on them. This is a form of corruption that we wrote about before.
An associate has noted that "there are a lot of patents floating around regarding the newer algorithms and less clarity about the algorithms being royalty-free. It can also be pointed out that algorithms and software are no longer eligible for patents in the US and have never been eligible for patents in the EU."
"I've searched around briefly and not found any clear answer regarding that algorithm (or for that matter the other proposals)."
We already mentioned that NIST is among the passive proponents of back doors in ciphers. Does it also work to legitimise patents on algorithms, including encryption algorithms that are meant to be standard?
The scary part is, if you use the algorithms not in the way they wish you to use them, or if you deviate from the standards, then they threaten to sue:
This seems like a clear and open misuse of patents in an area where no patents should be granted in the first place. They're asserting monopolies on mathematics.
Will implementing a cipher free of back doors and US control (domination) be considered a patent infringement and be met by threats from lawyers? That would be "creative"; instead of telling Computer Scientists that it is illegal to make secure code (auditable, no NDA) they will instead tell them that they are "pirates" or something to that effect.
If spy agencies can spend - and have already spent - billions of dollars to hire many prominent mathematicians to break security, why not hire lawyers to come up with ways to do the same at another level? █