The cr.yp.to microblog: 2020.07.30 18:20:31

2020.07.30 18:20:31 (1288872109557440513) from Daniel J. Bernstein, replying to "Andrea Basso (@andreavbasso)" (1288855985898115073):

The "doctrine of equivalents" automatically extends claims beyond their literal meaning. The specification says x^n-1 is just an example; I don't see how U.S. courts would allow x^n+1 to evade the patent. Also, the polynomial isn't explicit in the European version of the claim.

Context

2020.07.05 08:58:35 (1279670996706836483) from Daniel J. Bernstein:

Warning: Patent https://patents.google.com/patent/US9094189B2, expiring 2032, covers subsequent LPR cryptosystem and derivatives such as Kyber, LAC, NewHope, NTRULPR, Round5, Saber, ThreeBears. Also, I'm increasingly skeptical of the idea that these avoid patent https://patents.google.com/patent/US9246675B2, expiring 2033.

2020.07.30 17:16:27 (1288855985898115073) from "Andrea Basso (@andreavbasso)":

Doesn’t claim 1 of the first patent explicitly state the ring R needs to be modulo x^n - 1? At a brief glance, it doesn’t seem like it covers the alternatives, so many of those schemes do not infringe, right?