[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
NSA Sued by Cryptographer
We've received from Anonymous a copy of a February 28,
1997, complaint against NSA by an ex-Sandia cryptographer:
http://jya.com/nsasuit.txt (41K)
The cryptographer, William Payne, was:
project leader for the Missile Secure Cryptographic Unit
[MSCU] at Sandia between about 1982 and 1986. The
MSCU was funded by NSA. Payne designed and built
the hardware/software data authenticator for the US/USSR
Comprehensive Test Ban Treaty for Sandia between
1986 and 1992. Payne held SECRET clearance when
Payne worked for the Navy, DOE Q clearance, crypto and
SCI access while at Sandia.
The document says that Payne was a source for the Baltimore
Sun story on NSA's "spiking" deal with CryptoAG*, and other
stories, after he was fired in 1992 for attacking the quality of
NSA's cryptography.
It includes descriptions of agreements between Sandia and
NSA, algorithms, critiques and procedures. A sample:
Payne revealed to the public the value 31. "The algorithm
required stepping two of its internal registers at a rate many
times the data rate."
NSA believes that 31 is classified. Payne believes that this is
classification abuse.
Therefore, Payne issued a FOIA to NSA crypto-mathematician Brian
Snow also on June 10, 1996.
I found no evidence that NSA possesses any special
crypto skills, and apparently hides its deficiencies
behind the veil of classification abuse.
To the contrary, I discovered generic deficient
crypto work.
We brought this to the attention of NSA. Sandia even
offered to help NSA fix its deficient crypto work.
And NSA attempted to correct its deficient crypto
work.
Therefore, under 5 USC 522b I request access all
technical documentation on,
1 Benincasa's original NSS/USO algorithm,
2 Benincasa's revision of 1,
3 The Unkenholtz - Judy GRANITE algorithm,
4 Your MSCU algorithm,
5 the clipper algorithm,
6 the STU III algorithms.
I feel that published analyses of the above 6
algorithms will show the Clinton administration,
congress, and the public that NSA possess no superior
knowledge of crypto matters.
Payne received no response from NSA.
----------
* "Cryptographic units were 'spiked' so that the crypto key was
transmitted ['covert channel'] with the cipher text."
For more on the CryptoAG story see:
http://jya.com/cryptoa2.htm