In association with heise online

22 September 2009, 09:16

Patent infringement suit against Apple and eBay

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

USPTO Seal For some time, Vendor TQP (Telequip Corporation) has been filing lawsuits against various US banks over its patentPDF for changing keys during encrypted data transmissions. Now the list of defendants also includes Apple and eBay. The claim is about the alleged violation of a patent which was applied for in 1992 and granted in 1995. It describes a method in which symmetric keys for a sender and a recipient are created using synchronised pseudo-random number generators and may be changed during transmission.

It would seem that TQP's claims aren't completely without merit – after all, the vendor has already achieved out-of-court settlements with American Express, MasterCard and Amazon. TQP filed earlier lawsuits against financial institutions including Merrill Lynch, the Bank of America and Capital One. The new lawsuit against Apple and eBay also accuses Ticketmaster, Fandango, Live Nation, UPS, CVS, DHL, MetLife, Broadcast Music, Half.com, MicroPlace, Viva Group, ProStores, PayPal and BillMeLater of violating the patent by using certain secure data transmission technologies between customers and servers.

TQP originally describes a method for changing keys in order to enhance the security of DES-encrypted modem connections. The patented method involves transmitting a seed for initial synchronisation to both the sender and the recipient, which subsequently allows the pseudo-random number generators at both ends to produce the same key. Unlike many trivial patents, TQP proposed a concrete implementation for this idea in 1992 – a year before the first web browser appeared.

It appears that the methods TQP describes in its patent have certain similarities with the Secure Socket Layer (SSL) and Transport Layer Security (TLS) procedures modern browsers use for encrypting communication. Rather than attack these protocols directly, which would be difficult, TQP's approach is to take infringement action against companies who use these encryption technologies to secure transactions for customers on the internet, such as banks and online retailers. It seems likely, given its past success, the company will continue with this approach.

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-812220
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit