Hon. Tim Valentine Chairman, subcommittee on Technology and Competitiveness House Committee on Space, Science, and Technology U.S. House of Representatives Dear Mr. Valentine: In a letter sent to your committee on September 20, 1991, James Bidzos, President of RSA Data Security Inc., states that the RSA encryption algorithm should be used in the NIST's proposed DSS (Digital Signature Standard) because it is the de-facto standard for public key encryption. We must inform you that this is not true. The RSA algorithm has not become a standard for public key encryption in the United States because RSA Inc. has used the various patents covering the algorithm to prevent its large-scale use. To make a protocol for communication standard and generally accepted requires surmounting a large obstacle: the fact that there is (at first) no one else to talk to who speaks the same language. Consider, for example, the case of UHF television; at first, no one would buy a UHF receiver because there was no broadcasting, and no one would set up broadcasting because no one was watching. This obstacle was overcome only by explicitly requiring all new TV sets to support UHF channels. Widespread adoption of public key encryption depends on the universal availability of software to use it. The most effective way to do this is to write a public domain program which everyone can use. Over the last decade, several such programs have been written. RSA Inc. has squashed each one with accusations of patent infringement. Bidzos raises concerns about the undue haste in the public comment on DSS, and the size of the key it permits. These concerns may be valid. Surely they can be addressed by modifying the DSS or its adoption process, and are not an argument for switching to RSA. The suggestion that NIST might use patents to prevent improvement of DSS is also alarming, and NIST take positive steps to allay this concern, but such a patent problem is not as bad as the one we know we will have using RSA. The computer industry deserves a public key standard which software developers are free to implement. We hope you will make sure the eventual standard permits this, by supporting NIST in its rejection of the RSA algorithm as long as patents continue to cover it. Sincerely, Richard Stallman (MacArthur Fellow and ACM award winner) 545 Technology Square, room 430 Cambridge, MA 02139 (617) 253-8830 and Patrick H. Winston (Director of MIT Artificial Intelligence Lab) Marvin Minsky (Professor, MIT Media Lab; founder of Artificial Intelligence Lab) Berthold K.P. Horn (Professor, MIT Artificial Intelligence Lab) David MacAllester (Professor, MIT Artificial Intelligence Lab) Hal Abelson (Professor, MIT Artificial Intelligence Lab) Gerald J. Sussman (Professor, MIT Artificial Intelligence Lab) Christopher Hanson (Research Staff, MIT Math and Computation Project) Leonard H. Tower, Jr. (Boston University computer services) Jerry Cohen (Patent Attorney, Perkins, Smith and Cohen) cc: Members, Subcommittee on Technology and Competitiveness Hon. Jack Brooks, Chairman, House Committee on the Judiciary Hon. Robert Mosbacher, U.S. Secretary of Commerce Dr. Willis H. Ware, RAND Corporation