From: bill payne <billp@nmol.com>
Date: Sat, 28 Feb 1998 18:59:06 -0800 (PST)
To: tcmay@got.net
Subject: Chemical, Biological, or Radiation (CBR) weapons
Message-ID: <34F8CC2A.20BA@nmol.com>
MIME-Version: 1.0
Content-Type: text/plain

Saturday 2/28/98 7:22 PM

Tim May

Just saw your stuff at jya.com.

Got in the mail today  

  Volume 9, Number 4, 1997

  MILITARY PSYCHOLOGY

  The Official Journal of the 
  Division of Military Psychology
  American Psychological Association

  Special Issue:  Effects of Chemical Protective
                  Clothing of Military Performance
  Guest Editors:  Gerald P. Krueger and
                  Louis E. Banderet

I'll transcribe some of the text.

The US government drugs soldiers before they go into battle.

Trust me.

Banderet was ANOTHER of my Ph. D. students.

Later
bill

Title: HP Crypto Export






28 February 1998

  
Date: Sat, 28 Feb 1998 14:18:22 -0500
To: cypherpunks@toad.com
From: Michael Elder <melder@descartes.coker.edu>
Subject: HP Crypto Export


>From the NY Times online (www.nytmes.com)

February 28, 1998


Hewlett-Packard Granted License For Encryption System 

By Peter Wayner 

The Commerce Department has granted Hewlett-Packard an export license for
its VerSecure encryption architecture allowing the company and its
licensees to export strong encryption tools, the company announced Friday.
The catch is that the products must take their orders from a central
computer system that will dictate how all the products will behave in each
country. 

The company hopes that the solution would break the deadlock between the
Clinton Administration, which continues to restrict the export of secure
computer technology throughout the world, and the computer industry, which
contends that foreigners are not interested in buying products that don't
protect their secrets. 

The new solution effectively disconnects the problem of distributing
encryption technology from the process of determining the policy for
government access to information. The heart is a new class of trusted
hardware cards and chips that take their orders from a central company
known as a Security Domain Authority or SDA. In countries, like France,
that require people to keep a record of keys for unlocking data, the SDA
would only allow the computers to encrypt information if it complied with
the laws. In countries with no laws about encryption usage like the United
States, Germany and Great Britain, the SDA would allow users to encrypt in
whatever manner they choose. 

Hewlett-Packard sees the solution as a win for the industry, which will be
able to build one set of hardware and software that can be shipped
throughout the world. The SDA's will set the local rules because the
computers will not encrypt information without first getting permission
from the SDA.

Doug McGowan, one of the director of Hewlett-Packard's efforts, said in a
telephone interview, "Never before has a general purpose cryptography tool
been exportable from the United States, with or without key recovery. We're
opening a huge market for American industry to enable commerce on a
worldwide basis." 

The price for this flexibility is the need for specialized hardware that
treats the SDA as its master. In an ordinary computer, the owner can
control all aspects of what the computer does. This extra hardware will
raise the price of machines and is bound to be more expensive than software
which can be distributed at minimal cost. 

Feisal Mosleh, a business development manager at Hewlett-Packard, pointed
out that specialized hardware can offer faster performance and more
security. "It is very hardware-specific with the flexibility of software
and that gives us a lot of strength in terms of tamper resistance" he said
in a phone interview.

Many security experts continue to point out that general-use microcomputers
and their operating systems are dangerously insecure. In one recent attack,
hackers were able to begin transfers from a bank account by manipulating
accounting software. Off-loading the process to specialized hardware makes
it simpler to ensure that the system is secure because the special hardware
has only one job.

Hewlett-Packard says that it is licensing the architecture to a number of
different computer vendors and announced that IBM, Motorola, CertCo,
Trusted Information System, Microsoft and RSA Data Securities had already
signed licenses. The vendors will be free to choose how they implement the
special computer hardware, but most will probably use firmware with an
embedded microprocessor. The initial version will reportedly include DES,
triple-DES, RSA, RC2, RC4 and Diffie-Hellman algorithms. Each of these
solutions can be sped up by specialized hardware, but only a general
microprocessor can handle all of them with equal agility. 

The specialized hardware will also be tamper-proof to prevent people from
circumventing the commands of the SDA. When an encryption card is first
started up, it cannot begin working until it has received instructions from
an SDA in its country. This information is contained in a "policy token."
Joe Beyers, general manager of Hewlett-Packard's Internet Software business
unit, explained, "The token says, 'You can use this amount of key, this
amount of strength for this amount of time.'"

Beyers went on to say, "The aspect of time allows the government to evolve
their policy. Time limits are one of the attributes that made it attractive
to the U.S. government." It would be possible for a government to change
policy with the system from time to time, perhaps forcing citizens to use
long keys in time of war to protect themselves and then relaxing the policy
after peace emerged. 

In the current plan, policy tokens would be good for one year, forcing
computers to re-register with an SDA in order to keep working. The SDA
would have no control of a token after it was issued and would only be able
to change policies at the renewal. 

The relationship between the SDA and the key recovery program is more
difficult to describe. The SDA would not keep any records of any keys that
would allow the police to eavesdrop on calls. But the policy tokens would
force the embedded hardware to obey the local laws that might include key
recovery. The FBI has asked Congress to mandate key recovery systems that
give it clear access to all communications. 

The yearly interrogation between the SDA and the individual computers does
not mean that the system will be foolproof. Someone could simply carry a
laptop from a country that allows personal privacy to a country with more
invasive laws and use it freely until the policy token runs out. Also, it
may be possible to spoof the token authorization procedure by pretending
that the request came from one country instead of another. 

Some critics found the use of special hardware to be problematic. Jim
Lucier, a policy analyst for the Americans for Tax Reform, a Republican
think tank, pointed out that specialized hardware was ignored by the
marketplace in the past. "None of it ever works" he said, "because the more
obvious solution, which is end-to-end encryption, is already there."

Lucier also pointed out that specialized hardware is more complicated to
engineer and much more expensive to distribute than software. "Atoms cost
more than bits, it just comes down to that," he said. In a press conference
Friday morning, Beyers promised that the new hardware was "months, not
years away" and also promised that the hardware costs would be as low as
possible. 

Marc Rotenberg, director of the Electronic Privacy Information Center,
suggested that replacing the current export control bureaucracy with a
network of SDA's was not a significant advance. "Government efforts to
regulate crypto will only slow the development of commerce," he said.

In fact, the decision by the United States government to grant a license to
Hewlett-Packard's architecture is far from liberating. Companies making
VerSecure products can only ship them to countries approved by the United
States government, a list which at this time is limited to the United
Kingdom, Germany, France, Denmark and Australia. More countries will become
open if and when they create an SDA infrastructure that is acceptable to
the United States. 

Hewlett-Packard has gone to great lengths to prevent rogue nations from
setting up their own unauthorized SDA's by cloning hardware. The
infrastructure uses CertCo's secure certificate servers to restrict the
ability to create the software necessary to build the tokens. Beyers says
that no one person at Hewlett-Packard has the ability to do this in order
to reduce the potential for corruption and theft.

Hewlett-Packard is also working heavily with foreign countries to assure
them that the system does not include back doors that might be accessible
by the United States government. Beyers said that the company had retained
an international group of cryptographic experts to vet the system and allay
any fears of hidden back doors. 

A press release from Hewlett-Packard quoted William A. Reinsch,
undersecretary of commerce, as saying, "We are pleased to support HP's
effort to develop and market encryption products that encourage the use of
key recovery in providing robust, secure encryption. This approval and our
ongoing dialogue with the industry are consistent with the Clinton
Administration's goal of allowing the market to develop recoverable
encryption products."

Peter Wayner at pwayner@nytimes.com welcomes your comments and suggestions.

Copyright 1998 The New York Times Company 



Date: Sat, 28 Feb 1998 12:08:30 -0800
To: Michael Elder <melder@descartes.coker.edu>, cypherpunks@toad.com
From: Tim May <tcmay@got.net>
Subject: Re: HP Crypto Export

At 11:18 AM -0800 2/28/98, Michael Elder wrote:
>>From the NY Times online (www.nytmes.com)
>Hewlett-Packard Granted License
>For Encryption System
>
>By PETER WAYNER

>known as a Security Domain Authority or SDA. In countries, like France,
>that require people to keep a record of keys for unlocking data, the SDA
>would only allow the computers to encrypt information if it complied with
>the laws. In countries with no laws about encryption usage like the United
>States, Germany and Great Britain, the SDA would allow users to encrypt in
>whatever manner they choose.

Until, of course, the U.S. changes its policy.

A constant danger with any of these "solutions" is that they make later
imposition of controls so much easier. Consider the implications of
widespread deployment of the HP-type system (which, BTW, I don't think will
happen in the U.S., or elsewhere).

A simple change in the law and all new tokens (and they must be renewed
yearly, so says HP) will implement the new law.

The camel's nose in the tent strategy.

The HP/IBM product is perniciously evil and should be fought with all
technical and memetic means.

--Tim May

Just Say No to "Big Brother Inside"
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^3,021,377   | black markets, collapse of governments.





Title: Untitled Document









Viewing this page requires a browser capable of displaying frames.





Friday February 27, 1998 3:15 PM


By e-mail and US mail

Lieutenant General Kenneth A Minihan, USAF
Director, National Security Agency
National Security Agency
9800 Savage Road
Fort George G. Meade, MD 20755-6000

Dear General Minihan:

Purposes of the letter are to

1  request information under the Freedom of Information Act
2  explore settlement possibilities of our current lawsuit.

In about 1986 Sandia National Laboratories assigned me the 
task of  design and construction of a Comprehensive Test Ban 
Treaty seismic data authenticator.

In the initial stages of the project, Sandia cryptographer 
Gustavus Simmons attempted to convince both Sandia 
management and NSA employees Tom White, Mark Unkenholtz,
and Ed Georgio that a form of public key authentication should 
replace NSA employee Ronald Benincasa's National Seismic
Station/Unmaned Seismic Observatory 11-bit data authentication
algorithm.

My Sandia supervisor John Holovka and project leader H B [Jim]
Durham ordered me to write a paper explaining public key 
cryptography.

This paper,  RSA ENCRYPTION, along with my SAND report
describing my implementation of Benincasa's algorithm and
filings in our lawsuit, now appear on Internet at
http://www.jya.com/index.htm, click CRYPTOME, then OpEd,
then http://www.jya.com/whprsa.htm.

Sandia explored the merits of switching from Benincasa's
algorithm to a public key-based authentication method suggested
by Simmons.

For Sandia's evaluation of the merits of public key, electronic tagging,
and Bureau of Engraving and Printing projects ,  I bought for Sandia 
samples both the Cylink CY1024 and AT&T A & B two chip sets for
modulo m arithmetic computations.

NSA employee Tom White sent me a copy of the SECRET classified
NSA report on IBM's hardware public key chip FIREFLY.

I wrote in my tutorial paper

  RSA hardware computations

  The slow speed of software RSA computations plus the potential
  wide use prompted several companies to build chips which compute
  modular arithmetic to at least several hundred bits.  Most of
  these chips "cascade" to compute with a larger number of bits.

  Corporations involved in building these chips are

     1  IBM  Firefly

     2  AT&T

     3  Motorola (apparently a three chip set)

     4  Cylink   Pittway-First alert

     5  Sandia Labs (Algorithm M and predecessor chip)

  Details of the IBM chip is classified.  AT&T as of July 1987 has
  not released details of their chip.  Little information is
  available on the Motorola chip set.

  The Cylink chip is commercially available.  Its price dropped
  from $1,500 to $600 each in June 1987.  Data is transferred to
  and from the chip with serial shift register communication.

  The early Sandia chip was limited in speed.  The replacement
  chip is cascadeable, communicates with 8 or 16 bits parallel,
  matches the speed of the Cylink chip, but is not out of
  fabrication.

  Rumors circulate that there is about an order of magnitude
  performance difference between some of these chips.

  These hardware chips improve exponentiation speed about 3 orders
  of magnitude over software implementation benchmarked on an Intel
  8086 family microcomputer.

Whitfield Diffie writes about both the Cylink and Sandia chips.  And
is quoted at  http://www.aci.net/kalliste/nukearse.htm.

Sandia had terrible luck with its public key chips.  

I reported SOME of the troubles to Electronic Engineering Times editor 
Loring Wirbel [http://techweb.cmp.com/eet/823/] on March 23, 1994.

        Dr. John Wisniewski was a supervisor at Sandia's Center for
        Radiation-hardened Microelectronics.  Wisniewski was a graduate
        student at Washington State University in about 1975.  I was a
        professor at WSU.

        Wisniewski knows all about the failing Sandia chips in the nuclear
        arsenal.  I took notes on February 13, 1993.  Wisniewski reviewed
        the problems again for me.

             1    No quality initiative.  Each chip lot had a different
                  process.
             2    Overall yield - 40-50%.  Down to 10% after packaging.
             3    Metalization problems.  No planarization.  No flow of
                  glass.  Couldn't use high temperature.  Step coverage
                  problems.  Layed down over tension.  100% field returns
                  over several years.
             4    Sandia would store lots of parts for replacements.

        Sandia management made the decision to place low yield parts in
        the nuclear arsenal.  Sandia must meet DOD schedules management
        reasoned.  Hundreds of millions spent on CRM.  Sandia must show
        productivity.

        Wisniewski told me that low yield chip test survivors are those   
        whichthe tests failed to detect failures.  Wisniewski will talk.  
        503-625-6408.  Wisniewski now works for Intel in Oregon.  Have 
        Wisniewski tell you about the fire in the CRM clean room!

Sandia supervisor Jerry Allen later told me it cost $300,000 each to remove
Sandia's failing chips at Pantex from a nuclear bomb.

NSA apparently is biased toward hardware implementations of cryptographic
and authentication algorithms.  As opposed to software implementation.

NSA representatives and Sandia management decided not to use a public
key authentication scheme for its CTBT seismic data authenticator because
of all of the problems with implementing public key algorithms.

But NSA surely has spent MUCH MONEY on public key chip implementations.

NSA is promoting its Clipper crypto chips as described at 
http://cpsr.org/dox/clipper.html.

And we get some information about technical specifications of NSA's Clipper
chip at http://www.us.net/softwar/http://www.us.net/softwar/clip.html

  Clipper Chip Information

  MYK-78 CLIPPER CHIP ENCRYPTION/DECRYPTION  ON A CHIP 

     1 micron double level metal CMOS technology 
     0.35 watts power 
     28 pin plastic leaded chip carrier (PLCC) package 
     Transistor to transistor logic (TTL) interface 
     Chip ID, family key and device unique key are installed at 
     programming. 
     Chip ID, family key and device unique key are installed at programming           
     facility and are completely transparent to the user.

Therefore, Under the provision of the Freedom of Information Act, 
5 USC 552, I am requesting access to: 

1  Copies of all invoices from

	A   AT&T
	B   Motorola
	C   IBM
	D  Sandia National Laboratories

to NSA for payments for developing ANY public key-related chips between 
January 1, 1980 and February 27, 1998.

2  Copies of all invoices to NSA from ANY corporation involved in 
development
of ANY Clipper chip-related hardware between January 1, 1980 and 
February 27, 1998.

The public has a right to know how much NSA spent on TRYING monoploize the 
crypto business.

If there are any fees for searching for, or copying, the records I have 
requested, please inform me before you fill the request.

As you know, the Act permits you to reduce or waive the fees when the 
release of the information is considered as "primarily benefiting the 
public."
  
I believe that this requests fits that category and I therefore ask that 
you waive any fees.

If all or any part of this request is denied, please cite the specific 
exemption(s) which you think justifies your refusal to release the information and inform me of your agency's administrative appeal procedures available to me under the law.

I would appreciate your handling this request as quickly as possible, and I 
look forward to hearing from you within 20 working days, as the law stipulates.

With respect to our current FOIA lawsuit, I feel that we should settle this
unfortunate matter.

I see from your biography at  http://www.nsa.gov:8080/ and
http://www.nsa.gov:8080/dirnsa/dirnsa.html that you are

         1979   Distinguished Graduate
         Master of Arts degree in National Security Affairs 
         Naval Postgraduate School 
         Monterey, California

One of my former M.S. and Ph.D students in Computer Science,
Ted Lewis, is currently the chairman of Computer Science at
Naval Postgraduate School [http://www.friction-free-economy.com/].

Small world.

But I think that this emphasizes that WE SHOULD all be on the same side.
Not engaged in a conflict in US federal court.  Or on Internet.

NSA attempts to withhold requested information are possibly unwise.  

In our wired world the aggrieved know what happened to them.
[http://www.aci.net/kalliste/speccoll.htm]. http://www.wpiran.org/,
http://www.netlink.co.uk/users/impact/namir/namirm.html

And moderates in Iran, [http://persia.org/khatami/biography.html], appear 
want settlement too.

My family and I have been damaged by these crypto wars.

I ask you that consider fair settlement of damages caused by the National
Security Agency.

I cannot find your e-mail address on Internet.

Therefore I will forward the e-mail copy of this FOIA/settlement letter to 
Ray Kammer of NIST [http://www.nist.gov/], who along with the FBI 
[http://www.fbi.gov/, http://www.fbi.gov/fo/nyfo/nytwa.htmand], and NSA 
are trying to control the crypto business so that Kammer can possibly
forward an e-mail copy of the FOIA/Settlement letter to you.

Sincerely,

bill

William Payne
13015 Calle de Sandias
Albuquerque, NM 87111
505-292-7037 [I am not reading e-mail]