
25 February 1998

Date: Wed, 25 Feb 1998 13:53:33 -0500
From: nospam[at] (Ed Stone)
Subject: Re: Another Network Associates U-Turn on Key Recovery
To: jy[at]

PGP Inc's new owner, Network Associates, has announced it is acquiring 
Trusted Information Systems, Inc. On the TIS web site, the following 
project is detailed, in which Dr. Dorothy Denning was a subcontractor, 
and in which policy-based crypto key release systems were explored, in 
collaboration with the NSA, FBI, etc.:


Policy-Based Cryptographic Key Release Systems
Cryptographic Key Release Language Design and Specification


Project Summary

ARPA Order Number: 8685 

Contractor: Trusted Information Systems, Inc.
3060 Washington Road
Glenwood, Maryland 21738
Phone: (301) 854-6889
FAX: (301) 854-5363

Subcontractors: Dr. Dorothy Denning
Dr. Burton Kaliski
Dr. Warwick Ford
Russel Housley

Principal Investigators:

Dennis Branstad

Title of Effort:

Policy-Based Cryptographic Key Release System 


The objective of this task is to develop an automated system that will
release cryptographic keys in accordance with a specified policy. The
dynamic relationships established among nations, military groups,
industrial consortia, business partnerships, and people require that
information protection policies be specific and dynamic. The key release
system to be developed will support policy specifications from all 
parties having jurisdiction over the information and then enforce 
security in accordance with this policy. The policy may be different for 
each user, application, or cryptographic key. The cryptographic key 
release system provides dynamic and flexible authorization rules for 
releasing the key. The system will allow a set of authorization rules, 
collectively called a key release policy, to be created to control the 
release of a key.


This task is to identify the requirements for key release of potential 
users, their managers (for organizational users), the law enforcement
organizations having jurisdiction in the location of use, and the 
national security organizations having jurisdiction in the location of 
use. A broad set of real and hypothetical requirements will be 
identified. Real requirements will be used whenever possible (e.g., by 
talking with users, their managers, and law enforcement personnel) and 
hypothetical requirements will be used when required (i.e., when real 
requirements are classified). The goal is to build a representative set 
of requirements to be included in the release system without attempting 
to be comprehensive or complete.

Using a set of real and theoretical requirements for key release, a 
release authorization language will be developed. Various hypothetical 
scenarios will be defined (e.g., a multi-national military communication 
system, a government agency's archival system, an individual's personal 
records management system, a family's financial system, a corporation's 
vital records system, an international electronic commerce trading 
system) for which various key release policies could be specified. An 
optional automated key release prototype system will be developed during 
the second year to demonstrate the feasibility and effectiveness of 
dynamic cryptographic key release.

Recent Accomplishments:

The KRP project achieved several major accomplishments this year. They
can be categorized as requirements identification, language 
specification, policy administration system, and project design review.

A Key Release Requirements document was prepared and reviewed by the
KRP review team. This document presented the general requirements of
individuals and organizations for specifying the acceptable conditions
under which a cryptographic key could be released and to whom it could
be released under those conditions.

The syntax and semantics of an initial KRP language for specifying these
conditions (automated events such as time and human events such as
death) were specified. Syntax defines the structure (i.e., acceptable
sentences) of a language and semantics defines the meaning of the
components (i.e., words, sentences) of the language. Additional
components needed for the language were identified.

A prototype (demonstration) system was developed for administering the
creation of cryptographic keys and release policies. It also protected 
the keys, enforced the policies, and administered the roles of users 
authorized to perform the roles.

A design review meeting (TIS staff and KRP consultants) was held for
DARPA sponsors and NSA, NIST, and MITRE guests. The responses to
the KRP language and system design as well as the demonstrations were
all positive.

Current Plan:

(Option 1) Implement an automated system which enforces the rules for
releasing cryptographic keys. The system shall consist of key-release
policy (KRP) creation modules, storage modules, and enforcement
modules. User roles to be supported include: policy domain originator,
policy component creator, key requester, policy event poster, policy 
event verifier, policy administration system (PAL) manager, and PAL 

Different interfaces may be provided for the different user roles. KRP 
and PAL language specifications and system descriptions shall be 

Demonstrations and a final report shall be provided at the end of the

Technology Transition:

Demonstrations of the KRP prototype system and presentations of the
KRP specification language have been made available to DARPA
sponsors, NSA coordinators, NIST interested parties, and FBI staff.
Informal presentations have been given to TIS visitors and formal
presentations have been made to several technical workshops. Research
cooperation meetings were held with several other DARPA researchers
interested in the language and system. Broader coverage and technology
transfer await funding of the second year of development of the language
and system."
Ed Stone
remove "-birdname" spam avoider
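The summary above describes a key release policy as a set of authorization rules over automated events (time) and human events (death), with separate poster and verifier roles and an enforcement module that guards the key. The following is an added illustration of that idea, not code from TIS or from the KRP/PAL languages (which are not on this page): the rule syntax, the separation-of-duties check, and the "family's records system" scenario are all assumptions constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class Event:                  # a human event (death, court order, ...) posted to the system
    name: str
    posted_by: str                                 # policy event poster
    verified_by: set = field(default_factory=set)  # policy event verifiers

@dataclass
class Rule:                   # one authorization rule; a key release policy is a set of these
    requester_role: str            # role allowed to request under this rule
    required_events: tuple = ()    # human events that must be posted and verified
    min_verifiers: int = 1         # independent verifications needed per event
    not_before: int = 0            # automated time condition (epoch seconds)

def decide(rules, requester_role, now, events):
    """Return (granted, reason): granted if some rule for this role has
    every condition satisfied by the posted and verified events."""
    by_name = {e.name: e for e in events}
    reasons = []
    for rule in (r for r in rules if r.requester_role == requester_role):
        if now < rule.not_before:
            reasons.append(f"not permitted before t={rule.not_before}")
            continue
        unmet = []
        for name in rule.required_events:
            ev = by_name.get(name)
            # separation of duties (assumed design choice): the poster may not verify its own event
            if ev is None or len(ev.verified_by - {ev.posted_by}) < rule.min_verifiers:
                unmet.append(f"event '{name}' lacks {rule.min_verifiers} independent verification(s)")
        if unmet:
            reasons.extend(unmet)
            continue
        return True, f"{requester_role}: all conditions satisfied"
    return False, f"{requester_role}: " + ("; ".join(reasons) or "no rule for this role")

def release_key(escrowed_key, rules, requester_role, now, events):
    """Enforcement module: hand out the escrowed key only when the policy grants it."""
    granted, reason = decide(rules, requester_role, now, events)
    return (escrowed_key if granted else None), reason

# Constructed scenario: a family's records system, one of the hypothetical systems in the summary.
ESTATE_POLICY = [
    Rule("key_owner"),                                               # owner may always retrieve
    Rule("executor", required_events=("death",), min_verifiers=2),  # two independent verifiers
    Rule("archivist", not_before=1_900_000_000),                     # released to archive later
]
ESCROWED_KEY = b"\x00" * 16   # constructed placeholder, not a real key
```

A request that fails returns the unmet conditions as its reason, which is the audit record a policy administrator would want to log alongside every release decision.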