1998-09-22 - public key problems

Header Data

From: bill payne <billp@nmol.com>
To: ukcrypto@maillist.ox.ac.uk
Message Hash: 64d04386d654b9400112eda88626eafed09e813e28709fb90e2462bd04c802d4
Message ID: <36083BEF.2AF1@nmol.com>
Reply To: N/A
UTC Datetime: 1998-09-22 11:20:32 UTC
Raw Date: Tue, 22 Sep 1998 19:20:32 +0800

Raw message

From: bill payne <billp@nmol.com>
Date: Tue, 22 Sep 1998 19:20:32 +0800
To: ukcrypto@maillist.ox.ac.uk
Subject: public key problems
Message-ID: <36083BEF.2AF1@nmol.com>
MIME-Version: 1.0
Content-Type: text/plain

Tuesday 9/22/98 5:59 PM

Smith http://www.softwar.net/softd.html

I am reading

http://www.softwar.net/mcc.html

I scanned-in the attached letter from McNamara.

Morales and I have been considering an appropriate response.

Public key has cost NSA and the gov BIG BUCKs.

Numerical analyst Richard Hanson worked in the same math group as
Simmons, Brickell and Norris.

http://www.vni.com/products/imsl/hanson.html          

Mike Norris, Hanson told me, designed the reciprocal approximation
used for division.

Hanson told me several days ago he knows what went wrong mathematically.

Hanson told me that he is even thinking of writing an article about
it.

I WAS TOLD what went wrong electronically.  By John Wisniewski.
And FUNCTIONALLY by Ron Kulju.

best 
bill


		NATIONAL SECURITY AGENCY
            FORT GEORGE G. MEADE, MARYLAND 20755-6000

					Serial:	J9343A-98
					19 August 1998


Mr. William H. Payne
13015 Calle de Sandias
Albuquerque, NM 87111

Dear Mr. Payne:

	This replies to your 15 May 1998 letter appealing the National Security Agency's (NSA) decision to 
deny your request for a fee waiver for your Freedom of Information Act request for invoices from various 
companies to NSA for payments for developing public key-related chips or Clipper chip-related hardware 
between January 1980 and February 1998. Your appeal was received in the Office of General
Counsel on 29 May 1998. I have reviewed your 27 February 1998 request, the Office of Policy's 30 March 
1998 response, and your appeal letter; and I have concluded that the fee waiver should not be granted.

	In reaching this decision, a number of factors were evaluated in light of the Act's purpose of  
promoting an informed citizenry.  The key issue I considered in my review is whether disclosure of the 
information is likely to contribute to the pubic understanding of the operations or activities of the government. 
See 5 U.S.C.  552 (a)(4XA)(iii). Implicit in this standard is a requirement to assess the nature of the 
information requested and whether it will likely be disseminated to the general public and will contribute to 
increased public understanding of the operations of the government. In order to support a fee waiver; the 
connection between furnishing the requested information and benefiting the public should be substantial.

	You have not indicated how you intend to disseminate any  information which might be released; we 
assume that you intend to place the material on the Internet. Making information available by posting it on the 
Internet so that a segment of interested persons might seek access to it does not meet the burden of 
demonstrating with particularity that the information will significantly contribute to the understanding of the 
public at large. You have not demonstrated that you have the skills and knowledge to be able to compile, 
analyze, and turn the materials into a distinct work understandable to the general public. Accordingly, 
I have determined that the public interest is better served in this instance by requiring, rather than waiving, the 
fee assessment.
	
	This response may be construed as a denial of your appeal. Accordingly, you are hereby advised of 
your right to seek judicial review of my decision pursuant to 5 U.S.C.  552(a)(4)B) in the United States 
District Court in the district in which you reside, in which you have your principal place of business, 
in which the Agency's records are situated (U.S. District Court of Maryland), or in the District of Columbia.

	As the Deputy Director of Policy explained to you, you have been placed in the"all other" category for 
fee purposes; this entitles you to 2 hours of search time and up to 100 pages free of charge. Your case file has 
been returned to the Office of Policy. Processing of your request has been suspended pending receipt of your
certified check or money order made payable to the Treasurer of United States in the amount of $750.00. If you 
have any questions or wish to narrow your request in order to reduce fees, please contact the Office of Policy 
between 0830 and 1600 EST on 301-688-6527. If we do not hear from you within 30 days, we will assume you 
are not interested in pursuing this request.

Sincerely,



BARBARA A. McNAMARA
Freedom of Information Act/Privacy Act
Appeals Authority



Friday February 27, 1998 3:15 PM


By e-mail and US mail

Lieutenant General Kenneth A Minihan, USAF

Director, National Security Agency
National Security Agency
9800 Savage Road
Fort George G. Meade, MD 20755-6000

Dear General Minihan:

Purposes of the letter are to

1  request information under the Freedom of Information Act
2  explore settlement possibilities of our current lawsuit.

In about 1986 Sandia National Laboratories assigned me the 
task of  design and construction of a Comprehensive Test Ban 
Treaty seismic data authenticator.

In the initial stages of the project, Sandia cryptographer 
Gustavus Simmons attempted to convince both Sandia 
management and NSA employees Tom White, Mark Unkenholtz,
and Ed Georgio that a form of public key authentication should 
replace NSA employee Ronald Benincasa's National Seismic
Station/Unmaned Seismic Observatory 11-bit data authentication
algorithm.

My Sandia supervisor John Holovka and project leader H B [Jim]
Durham ordered me to write a paper explaining public key 
cryptography.

This paper,  RSA ENCRYPTION, along with my SAND report
describing my implementation of Benincasa's algorithm and
filings in our lawsuit, now appear on Internet at
http://www.jya.com/index.htm, click CRYPTOME, then OpEd,
then http://www.jya.com/whprsa.htm.

Sandia explored the merits of switching from Benincasa's
algorithm to a public key-based authentication method suggested
by Simmons.

For Sandia's evaluation of the merits of public key, electronic tagging,
and Bureau of Engraving and Printing projects ,  I bought for Sandia 
samples both the Cylink CY1024 and AT&T A & B two chip sets for
modulo m arithmetic computations.

NSA employee Tom White sent me a copy of the SECRET classified
NSA report on IBM's hardware public key chip FIREFLY.

I wrote in my tutorial paper

  RSA hardware computations

  The slow speed of software RSA computations plus the potential
  wide use prompted several companies to build chips which compute
  modular arithmetic to at least several hundred bits.  Most of
  these chips "cascade" to compute with a larger number of bits.

  Corporations involved in building these chips are

     1  IBM  Firefly

     2  AT&T

     3  Motorola (apparently a three chip set)

     4  Cylink   Pittway-First alert

     5  Sandia Labs (Algorithm M and predecessor chip)

  Details of the IBM chip is classified.  AT&T as of July 1987 has
  not released details of their chip.  Little information is
  available on the Motorola chip set.

  The Cylink chip is commercially available.  Its price dropped
  from $1,500 to $600 each in June 1987.  Data is transferred to
  and from the chip with serial shift register communication.

  The early Sandia chip was limited in speed.  The replacement
  chip is cascadeable, communicates with 8 or 16 bits parallel,
  matches the speed of the Cylink chip, but is not out of
  fabrication.

  Rumors circulate that there is about an order of magnitude
  performance difference between some of these chips.

  These hardware chips improve exponentiation speed about 3 orders
  of magnitude over software implementation benchmarked on an Intel
  8086 family microcomputer.

Whitfield Diffie writes about both the Cylink and Sandia chips.  And
is quoted at  http://www.aci.net/kalliste/nukearse.htm.

Sandia had terrible luck with its public key chips.  

I reported SOME of the troubles to Electronic Engineering Times editor 
Loring Wirbel [http://techweb.cmp.com/eet/823/] on March 23, 1994.

        Dr. John Wisniewski was a supervisor at Sandia's Center for
        Radiation-hardened Microelectronics.  Wisniewski was a graduate
        student at Washington State University in about 1975.  I was a
        professor at WSU.

        Wisniewski knows all about the failing Sandia chips in the nuclear
        arsenal.  I took notes on February 13, 1993.  Wisniewski reviewed
        the problems again for me.

             1    No quality initiative.  Each chip lot had a different
                  process.
             2    Overall yield - 40-50%.  Down to 10% after packaging.
             3    Metalization problems.  No planarization.  No flow of
                  glass.  Couldn't use high temperature.  Step coverage
                  problems.  Layed down over tension.  100% field returns
                  over several years.
             4    Sandia would store lots of parts for replacements.

        Sandia management made the decision to place low yield parts in
        the nuclear arsenal.  Sandia must meet DOD schedules management
        reasoned.  Hundreds of millions spent on CRM.  Sandia must show
        productivity.

        Wisniewski told me that low yield chip test survivors are those   
        whichthe tests failed to detect failures.  Wisniewski will talk.  
        503-625-6408.  Wisniewski now works for Intel in Oregon.  Have 
        Wisniewski tell you about the fire in the CRM clean room!

Sandia supervisor Jerry Allen later told me it cost $300,000 each to remove
Sandia's failing chips at Pantex from a nuclear bomb.

NSA apparently is biased toward hardware implementations of cryptographic
and authentication algorithms.  As opposed to software implementation.

NSA representatives and Sandia management decided not to use a public
key authentication scheme for its CTBT seismic data authenticator because
of all of the problems with implementing public key algorithms.

But NSA surely has spent MUCH MONEY on public key chip implementations.

NSA is promoting its Clipper crypto chips as described at 
http://cpsr.org/dox/clipper.html.

And we get some information about technical specifications of NSA's Clipper
chip at http://www.us.net/softwar/http://www.us.net/softwar/clip.html

  Clipper Chip Information

  MYK-78 CLIPPER CHIP ENCRYPTION/DECRYPTION  ON A CHIP 

     1 micron double level metal CMOS technology 
     0.35 watts power 
     28 pin plastic leaded chip carrier (PLCC) package 
     Transistor to transistor logic (TTL) interface 
     Chip ID, family key and device unique key are installed at 
     programming. 
     Chip ID, family key and device unique key are installed at programming           
     facility and are completely transparent to the user.

Therefore, Under the provision of the Freedom of Information Act, 
5 USC 552, I am requesting access to: 

1  Copies of all invoices from

	A   AT&T
	B   Motorola
	C   IBM
	D  Sandia National Laboratories

to NSA for payments for developing ANY public key-related chips between 
January 1, 1980 and February 27, 1998.

2  Copies of all invoices to NSA from ANY corporation involved in 
development
of ANY Clipper chip-related hardware between January 1, 1980 and 
February 27, 1998.

The public has a right to know how much NSA spent on TRYING monoploize the 
crypto business.

If there are any fees for searching for, or copying, the records I have 
requested, please inform me before you fill the request.

As you know, the Act permits you to reduce or waive the fees when the 
release of the information is considered as "primarily benefiting the 
public."
  
I believe that this requests fits that category and I therefore ask that 
you waive any fees.

If all or any part of this request is denied, please cite the specific 
exemption(s) which you think justifies your refusal to release the information and inform me of your agency's administrative appeal procedures available to me under the law.

I would appreciate your handling this request as quickly as possible, and I 
look forward to hearing from you within 20 working days, as the law stipulates.

With respect to our current FOIA lawsuit, I feel that we should settle this
unfortunate matter.

I see from your biography at  http://www.nsa.gov:8080/ and
http://www.nsa.gov:8080/dirnsa/dirnsa.html that you are

         1979   Distinguished Graduate
         Master of Arts degree in National Security Affairs 
         Naval Postgraduate School 
         Monterey, California

One of my former M.S. and Ph.D students in Computer Science,
Ted Lewis, is currently the chairman of Computer Science at
Naval Postgraduate School [http://www.friction-free-economy.com/].

Small world.

But I think that this emphasizes that WE SHOULD all be on the same side.
Not engaged in a conflict in US federal court.  Or on Internet.

NSA attempts to withhold requested information are possibly unwise.  

In our wired world the aggrieved know what happened to them.
[http://www.aci.net/kalliste/speccoll.htm]. http://www.wpiran.org/,
http://www.netlink.co.uk/users/impact/namir/namirm.html

And moderates in Iran, [http://persia.org/khatami/biography.html], appear 
want settlement too.

My family and I have been damaged by these crypto wars.

I ask you that consider fair settlement of damages caused by the National
Security Agency.

I cannot find your e-mail address on Internet.

Therefore I will forward the e-mail copy of this FOIA/settlement letter to 
Ray Kammer of NIST [http://www.nist.gov/], who along with the FBI 
[http://www.fbi.gov/, http://www.fbi.gov/fo/nyfo/nytwa.htmand], and NSA 
are trying to control the crypto business so that Kammer can possibly
forward an e-mail copy of the FOIA/Settlement letter to you.

Sincerely,

bill

William Payne
13015 Calle de Sandias
Albuquerque, NM 87111
505-292-7037 [I am not reading e-mail]





Thread