We've received from Anonymous a copy of a February 28, 1997, complaint against NSA by an ex-Sandia cryptographer: http://jya.com/nsasuit.txt (41K) The cryptographer, William Payne, was: project leader for the Missile Secure Cryptographic Unit [MSCU] at Sandia between about 1982 and 1986. The MSCU was funded by NSA. Payne designed and built the hardware/software data authenticator for the US/USSR Comprehensive Test Ban Treaty for Sandia between 1986 and 1992. Payne held SECRET clearance when Payne worked for the Navy, DOE Q clearance, crypto and SCI access while at Sandia. The document says that Payne was a source for the Baltimore Sun story on NSA's "spiking" deal with CryptoAG*, and other stories, after he was fired in 1992 for attacking the quality of NSA's cryptography. It includes descriptions of agreements between Sandia and NSA, algorithms, critiques and procedures. A sample: Payne revealed to the public the value 31. "The algorithm required stepping two of its internal registers at a rate many times the data rate." NSA believes that 31 is classified. Payne believes that this is classification abuse. Therefore, Payne issued a FOIA to NSA crypto-mathematician Brian Snow also on June 10, 1996. I found no evidence that NSA possesses any special crypto skills, and apparently hides its deficiencies behind the veil of classification abuse. To the contrary, I discovered generic deficient crypto work. We brought this to the attention of NSA. Sandia even offered to help NSA fix its deficient crypto work. And NSA attempted to correct its deficient crypto work. Therefore, under 5 USC 522b I request access all technical documentation on, 1 Benincasa's original NSS/USO algorithm, 2 Benincasa's revision of 1, 3 The Unkenholtz - Judy GRANITE algorithm, 4 Your MSCU algorithm, 5 the clipper algorithm, 6 the STU III algorithms. I feel that published analyses of the above 6 algorithms will show the Clinton administration, congress, and the public that NSA possess no superior knowledge of crypto matters. Payne received no response from NSA. ---------- * "Cryptographic units were 'spiked' so that the crypto key was transmitted ['covert channel'] with the cipher text." For more on the CryptoAG story see: http://jya.com/cryptoa2.htm