[dm-crypt] Cryptographic issues with SSD-technology and wide-block encryption modes

Stavros Kousidis dabros.kuhsadas at web.de
Tue Feb 12 09:47:01 CET 2013

This is really interesting! The webpage


links to a non-awareness statement of UC Davis concerning IEEE Standard No. 1619.2 (that standardizes EME2). By the way there is also a mail discussion of the corresponding IEEE working group:  http://grouper.ieee.org/groups/1619/email-2/msg00005.html, that also links to this „Letter of Asssurance“.

This document states the submitter's (UC Davis) position as:

„After a Reasonable and Good Faith Inquiry, the Submitter is not aware of any Patent Claims that the Submitter may own, control, or have the ability to license that might be or become Essential Patent Claims.“

As far as I understand, this „only“ certifies that UC Davis is not aware of any patent claims or pending patent applications after asking people/employees involved in this matter. This does not sound as a patent disclosure to me, which might rather be checking boxes 1. and c. in section D. of that Letter of Assurance. But on the other hand D.1.c. would be a really hard statement.

I do not know the real-life meaning of this non-awareness statement. But my first feeling is that (IEEE-1619.2 standardized) EME2 is good to go from an intellectual property point of view. That's just my feeling though.


> >> BTW anyone know what had happened with EME2 wide mode?
> >> [snip long link]
> >
> > As far as I know there are intellectual-property issues:
> >
> > P. Rogaway, Block cipher mode of operation for constructing a
> > wide-blocksize block cipher from a conventional block cipher, US Patent
> > Application 20040131182 A1 _______________________________________________
> Hey, this caught my attention so I contacted Dr. Rogaway. Included below is
> the email conversation (my apologies for the format, he replied at the top
> so I followed suit):
> =======
> > Cool, thank you. It seems there was some misinformation in that thread
> then,
> > so would you mind if I quoted your response?
> Go right ahead.
> Best wishes,
> Phil Rogaway
> > On Friday, February 08, 2013 09:34:14 AM you wrote:
> >> Hi Alex,
> >>
> >> There is no Rogaway or UC patent related to EME2.
> >> The University of California did do a patent application,
> >> but abandoned it (that is, decided not to pursue a utility patent).
> >> I had to look up some old correspondence to remind myself of this,
> >> but it seems that we informed Matt Ball and Jim Hughes back in Nov 2007
> >> that there'd be no patent, filling out some IEEE patent-disclosure
> >> form saying this, too.
> >>
> >> Best wishes,
> >> phil rogaway
> >>
> >> On Fri, 8 Feb 2013, Alex Elsayed wrote:
> >>> Hi, I was wondering if you had any plans to (explicitly) offer similar
> >>> terms regarding open-source software for EME2 as you recently have for
> >>> OCB. There was a recent discussion on the dm-crypt mailing list with the
> >>> title "Cryptographic issues with SSD-technology and wide-block
> encryption
> >>> modes." In the course of the discussion Milan Broz, the maintainer of
> >>> dm-crypt, stated the following:
> >>>
> >>> "[It] would be nice to have some not patent encumbered wide mode (no
> code
> >>> changes needed, just someone have to invent it and add to crypto API)"
> >>>
> >>> I'm just someone who reads the list, but I thought I'd write to point
> out
> >>> that there's interest.
> >>>
> >>> (Frankly, I'm also very interested in OCB, but the other AE patents have
> >>> an
> >>> exceedingly unfortunate chilling effect independent of your license.)

More information about the dm-crypt mailing list