Friday 5/15/98 3:48 PM By e-mail and US mail Lieutenant General Kenneth A Minihan, USAF Director, National Security Agency National Security Agency 9800 Savage Road Fort George G. Meade, MD 20755-6000 Dear General Minihan: Purposes of the letter are to 1 appeal a FOIA fee waiver denial. 2 continue to explore settlement possibilities of our current lawsuit. 30 March Joann H. Grube, Deputy Director of Policy, NSA, wrote in response to my Friday February 27, 1998 attached letter to you There are 706 cases ahead of your in our processing queue. .. Please be advised that your request for a waiver of fees has been denied. Public knowledge of how much taxpayer NSA has likely squandered ATTEMPTING to build public key crypto chips certainly in the public interest. Therefore, I appeal Grubes denial. Grube wrote Any person notified on an adverse determination may, within 60 days after notification of the determination, file an appeal to the NSA/CSS Freedom of Information Act Appeal Authority. The appeal shall be in writing and addressed to the NSA/CSS FOIA Appeal Authority, ... General Minihan, Grube apparently is attempting to invent her own FOIA appeal rules instead of follow federal law. Whenever a FOIA request is denied, the agency must inform the requester of the reasons for the denial and the requester's right to appeal the denial to the head of the agency. I ask that you educate and possibly reprimand Grube for her failure to properly state law. As you may be aware (6)(A) Each agency, upon any request for records made under paragraph (1), (2), or (3) of this subsection, shall-- (i) determine within ten days \1\ (excepting Saturdays, Sundays, and legal public holidays) after the receipt of any such request whether to comply with such request and shall immediately notify the person making such request of such determination and the reasons therefor, and of the right of such person to appeal to the head of the agency any adverse determination; and And you may also be aware ------------------------------------------------------------------------- \1\ Under section 12(b) of the Electronic Freedom of Information Act Amendments of 1996 (Pub. L. 104-231; 110 Stat. 3054), the amendment made by section 8(b) of such Act striking ``ten days'' and inserting ``20 days'' shall take effect on October 3, 1997. ------------------------------------------------------------------------- (ii) make a determination with respect to any appeal within twenty days (excepting Saturdays, Sundays, and legal public holidays) after the receipt of such appeal. If on appeal the denial of the request for records is in whole or in part upheld, the agency shall notify the person making such request of the provisions for judicial review of that determination under paragraph (4) of this subsection So I expect a response to this appeal within the time allotted to you by law. Our lawsuit has attracted international attention on Internet. http://www.jya.com/whp050898.htm http://www.jya.com/whp-10usca.htm http://www.jya.com/whp043098.htm http://www.jya.com/mf050998.htm http://jya.com/whpfiles.htm http://www.jya.com/crack-a5.htm http://caq.com/cryptogate http://www.aci.net/kalliste/speccoll.htm http://www.aci.net/kalliste/nukearse.htm Partially, perhaps, as the result of the about .5 million dead Iranian Shiite Muslims. Or maybe judicial misconduct? Morales and I plan to appeal to the Tenth in event that Morales dismissal is upheld. Further, we feel that YOU must be held accountable. Therefore we will appeal your removal from our lawsuit. But this is sure to cost the taxpayer much more money. And failure to fairly settle these unfortunate matters raises the possibility of a understandable, or opportunistic, retaliatory attack for NSAs bungled spy sting on Iran by the aggrieved or their enemies. Innocent people may be harmed. Both alternatives are unpleasant to think about. Therefore, Morales and I continue to offer to engage in settlement talks with YOU. I cannot find your e-mail address Therefore I will forward the e-mail copy of this FOIA appeal /settlement letter to Ray Kammer of NIST [http://www.nist.gov so that Kammer can possibly forward an e-mail to you. I am not reading e-mail. Sincerely, William Payne 13015 Calle de Sandias Albuquerque, NM 87111 505-292-7037 Friday February 27, 1998 3:15 PM By e-mail and US mail Lieutenant General Kenneth A Minihan, USAF Director, National Security Agency National Security Agency 9800 Savage Road Fort George G. Meade, MD 20755-6000 Dear General Minihan: Purposes of the letter are to 1 request information under the Freedom of Information Act 2 explore settlement possibilities of our current lawsuit. In about 1986 Sandia National Laboratories assigned me the task of design and construction of a Comprehensive Test Ban Treaty seismic data authenticator. In the initial stages of the project, Sandia cryptographer Gustavus Simmons attempted to convince both Sandia management and NSA employees Tom White, Mark Unkenholtz, and Ed Georgio that a form of public key authentication should replace NSA employee Ronald Benincasa's National Seismic Station/Unmaned Seismic Observatory 11-bit data authentication algorithm. My Sandia supervisor John Holovka and project leader H B [Jim] Durham ordered me to write a paper explaining public key cryptography. This paper, RSA ENCRYPTION, along with my SAND report describing my implementation of Benincasa's algorithm and filings in our lawsuit, now appear on Internet at http://www.jya.com/index.htm, click CRYPTOME, then OpEd, then http://www.jya.com/whprsa.htm. Sandia explored the merits of switching from Benincasa's algorithm to a public key-based authentication method suggested by Simmons. For Sandia's evaluation of the merits of public key, electronic tagging, and Bureau of Engraving and Printing projects , I bought for Sandia samples both the Cylink CY1024 and AT&T A & B two chip sets for modulo m arithmetic computations. NSA employee Tom White sent me a copy of the SECRET classified NSA report on IBM's hardware public key chip FIREFLY. I wrote in my tutorial paper RSA hardware computations The slow speed of software RSA computations plus the potential wide use prompted several companies to build chips which compute modular arithmetic to at least several hundred bits. Most of these chips "cascade" to compute with a larger number of bits. Corporations involved in building these chips are 1 IBM Firefly 2 AT&T 3 Motorola (apparently a three chip set) 4 Cylink Pittway-First alert 5 Sandia Labs (Algorithm M and predecessor chip) Details of the IBM chip is classified. AT&T as of July 1987 has not released details of their chip. Little information is available on the Motorola chip set. The Cylink chip is commercially available. Its price dropped from $1,500 to $600 each in June 1987. Data is transferred to and from the chip with serial shift register communication. The early Sandia chip was limited in speed. The replacement chip is cascadeable, communicates with 8 or 16 bits parallel, matches the speed of the Cylink chip, but is not out of fabrication. Rumors circulate that there is about an order of magnitude performance difference between some of these chips. These hardware chips improve exponentiation speed about 3 orders of magnitude over software implementation benchmarked on an Intel 8086 family microcomputer. Whitfield Diffie writes about both the Cylink and Sandia chips. And is quoted at http://www.aci.net/kalliste/nukearse.htm. Sandia had terrible luck with its public key chips. I reported SOME of the troubles to Electronic Engineering Times editor Loring Wirbel [http://techweb.cmp.com/eet/823/] on March 23, 1994. Dr. John Wisniewski was a supervisor at Sandia's Center for Radiation-hardened Microelectronics. Wisniewski was a graduate student at Washington State University in about 1975. I was a professor at WSU. Wisniewski knows all about the failing Sandia chips in the nuclear arsenal. I took notes on February 13, 1993. Wisniewski reviewed the problems again for me. 1 No quality initiative. Each chip lot had a different process. 2 Overall yield - 40-50%. Down to 10% after packaging. 3 Metalization problems. No planarization. No flow of glass. Couldn't use high temperature. Step coverage problems. Layed down over tension. 100% field returns over several years. 4 Sandia would store lots of parts for replacements. Sandia management made the decision to place low yield parts in the nuclear arsenal. Sandia must meet DOD schedules management reasoned. Hundreds of millions spent on CRM. Sandia must show productivity. Wisniewski told me that low yield chip test survivors are those whichthe tests failed to detect failures. Wisniewski will talk. 503-625-6408. Wisniewski now works for Intel in Oregon. Have Wisniewski tell you about the fire in the CRM clean room! Sandia supervisor Jerry Allen later told me it cost $300,000 each to remove Sandia's failing chips at Pantex from a nuclear bomb. NSA apparently is biased toward hardware implementations of cryptographic and authentication algorithms. As opposed to software implementation. NSA representatives and Sandia management decided not to use a public key authentication scheme for its CTBT seismic data authenticator because of all of the problems with implementing public key algorithms. But NSA surely has spent MUCH MONEY on public key chip implementations. NSA is promoting its Clipper crypto chips as described at http://cpsr.org/dox/clipper.html. And we get some information about technical specifications of NSA's Clipper chip at http://www.us.net/softwar/http://www.us.net/softwar/clip.html Clipper Chip Information MYK-78 CLIPPER CHIP ENCRYPTION/DECRYPTION ON A CHIP 1 micron double level metal CMOS technology 0.35 watts power 28 pin plastic leaded chip carrier (PLCC) package Transistor to transistor logic (TTL) interface Chip ID, family key and device unique key are installed at programming. Chip ID, family key and device unique key are installed at programming facility and are completely transparent to the user. Therefore, Under the provision of the Freedom of Information Act, 5 USC 552, I am requesting access to: 1 Copies of all invoices from A AT&T B Motorola C IBM D Sandia National Laboratories to NSA for payments for developing ANY public key-related chips between January 1, 1980 and February 27, 1998. 2 Copies of all invoices to NSA from ANY corporation involved in development of ANY Clipper chip-related hardware between January 1, 1980 and February 27, 1998. The public has a right to know how much NSA spent on TRYING monoploize the crypto business. If there are any fees for searching for, or copying, the records I have requested, please inform me before you fill the request. As you know, the Act permits you to reduce or waive the fees when the release of the information is considered as "primarily benefiting the public." I believe that this requests fits that category and I therefore ask that you waive any fees. If all or any part of this request is denied, please cite the specific exemption(s) which you think justifies your refusal to release the information and inform me of your agency's administrative appeal procedures available to me under the law. I would appreciate your handling this request as quickly as possible, and I look forward to hearing from you within 20 working days, as the law stipulates. With respect to our current FOIA lawsuit, I feel that we should settle this unfortunate matter. I see from your biography at http://www.nsa.gov:8080/ and http://www.nsa.gov:8080/dirnsa/dirnsa.html that you are 1979 Distinguished Graduate Master of Arts degree in National Security Affairs Naval Postgraduate School Monterey, California One of my former M.S. and Ph.D students in Computer Science, Ted Lewis, is currently the chairman of Computer Science at Naval Postgraduate School [http://www.friction-free-economy.com/]. Small world. But I think that this emphasizes that WE SHOULD all be on the same side. Not engaged in a conflict in US federal court. Or on Internet. NSA attempts to withhold requested information are possibly unwise. In our wired world the aggrieved know what happened to them. [http://www.aci.net/kalliste/speccoll.htm]. http://www.wpiran.org/, http://www.netlink.co.uk/users/impact/namir/namirm.html And moderates in Iran, [http://persia.org/khatami/biography.html], appear want settlement too. My family and I have been damaged by these crypto wars. I ask you that consider fair settlement of damages caused by the National Security Agency. I cannot find your e-mail address on Internet. Therefore I will forward the e-mail copy of this FOIA/settlement letter to Ray Kammer of NIST [http://www.nist.gov/], who along with the FBI [http://www.fbi.gov/, http://www.fbi.gov/fo/nyfo/nytwa.htmand], and NSA are trying to control the crypto business so that Kammer can possibly forward an e-mail copy of the FOIA/Settlement letter to you. Sincerely, bill William Payne 13015 Calle de Sandias Albuquerque, NM 87111 505-292-7037 [I am not reading e-mail]