|Cryptome DVDs are offered by
Cryptome. Donate $25 for two DVDs of the
Cryptome 12-years collection of 46,000 files from June 1996 to June 2008
(~6.7 GB). Click Paypal or mail check/MO made out to John Young, 251 West
89th Street, New York, NY 10024. The collection includes all files of
cryptome.org, jya.com, cartome.org, eyeball-series.org and iraq-kill-maim.org,
and 23,000 (updated)
pages of counter-intelligence dossiers declassified by the US Army Information
and Security Command, dating from 1945 to 1985.The DVDs will be sent anywhere
worldwide without extra cost.
21 March 1997
Thanks to E. Michael Power, Coordonnateur, Secrétariat au commerce
électronique, Ministère de la Justice Canada
LICENSING OF TRUSTED THIRD PARTIES
FOR THE PROVISION OF ENCRYPTION SERVICES
Public Consultation Paper
Detailed Proposals for Legislation
Ian Taylor MBE MP
Minister for Science & Technology
On 10 June 1996 I announced to Parliament that the Government would be bringing
forward proposals for the licensing and regulation of Trusted Third Parties
for the provision of encryption services. I indicated then that a public
consultation document on the Government's proposals would be issued prior
to the introduction of legislation. I am pleased to be able to introduce
this document to you now.
The proposals in this consultation document make a significant contribution
to the Government's overall strategy for building the information society
in the UK. The provision of secure electronic commerce is a key issue for
business and consumers and it is important that we take positive steps to
address it, if we are to ensure that everyone in the UK exploits the full
potential of information and communication technologies.
The last 12 months have been a year of intense activity for Government. February
1996 saw the launch of the Information Society Initiative Programme for Business
aimed at encouraging British business to improve its competitiveness by using
information and communication technologies. December 1996 saw the full
liberalisation of international telecoms facilities in and out of the UK,
and the launch of IT for All - an exciting new programme aimed at bringing
the benefits of the information society within the reach of all UK citizens.
The Green Paper government.direct set out a vision for the electronic delivery
of Government services. Whilst the Education Department's Superhighways
Initiative continues to support a series of projects designed to raise awareness
of computer networks in education.
The UK is already a world leader in the telecommunications, broadcasting
and multi media industries. Business and consumers are therefore well placed
to take advantage of the opportunities on offer. Despite this however,
significant barriers to the take up of electronic commerce still remain.
These proposals - aimed at facilitating the provision of secure electronic
commerce - are being brought forward against a background of increasing concern,
not about the technology, but about the security of information itself. In
a world where more and more transactions are taking place on open electronic
networks like the Internet, there has been a growing demand from industry
and the public for strong encryption services to help protect the integrity
and confidentiality of information. These proposals have been developed to
address those concerns, but at the same time are aimed at striking a balance
with the need to protect users and the requirement to safeguard law enforcement,
which encryption can prevent.
I believe that the proposals outlined in this paper achieve that balance.
Their success though will ultimately depend on their widespread acceptance
and use of Trusted Third Parties by the business community. We are therefore
looking to industry to work with us in close partnership on this important
I therefore urge you now to let us have your comments on this document.
TABLE OF CONTENTS
TABLE OF CONTENTS iii
SECTION I: INTRODUCTION
SECTION II: GOVERNMENT POLICY FRAMEWORK ..............................
SECTION III: EUROPEAN UNION & OECD DEVELOPMENTS .................
SECTION IV: CRYPTOGRAPHY
SECTION V: TRUSTED THIRD PARTIES
SECTION VI: STRUCTURE OF THE PROPOSALS ...................................
Licensing Criteria & Conditions..........................................
Appeals and Tribunal........................................................
SECTION VII: MOVING AHEAD
ANNEX A Legal Recognition of Digital Signatures .............................
ANNEX B Legal access to keys held by TTPs - International Aspects 23
ANNEX C Explanation of Licensing Criteria
ANNEX D Glossary
ANNEX E Minimum Functional Requirements of an International TTP
ANNEX F Frequently asked Questions & Answers .............................
THE LICENSING OF TRUSTED THIRD PARTIES
FOR THE PROVISION OF ENCRYPTION SERVICES
Consultation Paper on Proposals for Legislation
SECTION I: INTRODUCTION
This consultation paper sets out the Government's policy proposals for the
licensing and regulation of Trusted Third Parties (TTPs) to provide a range
of information security services to their clients.
These proposals stem from the Government's announcement of 10 June 1996 on
the provision of encryption services on public networks. This announcement
recognised the growing demand from industry for strong encryption services
to safeguard the integrity and confidentiality of electronic information
transmitted on public telecommunications networks. It also recognised the
need to balance this demand with the requirement to preserve the ability
of intelligence and law enforcement agencies to fight serious crime and
Against this background the Government announced that it would be bringing
forward proposals for the licensing and regulation of TTPs to provide a range
of information security services to their clients. It also indicated that
formal consultation on the Government's proposals would be undertaken by
the Department of Trade and Industry with all interested parties, prior to
the bringing forward of legislation. Since June 1996 the Department of Trade
and Industry, together with other government departments, has been concentrating
on the detail of the legislation required to licence TTPs. This paper outlines
the Government's proposals and seeks comments on their suitability and scope.
Following this consultation the Government will make a further statement
indicating how the legislation is to be brought forward, and giving further
details of the intended regulatory regime.
This paper comprises seven sections. Section I introduces the paper. Section
II outlines the overall policy framework within which the Government's policy
on TTPs has been developed. Section III outlines international activity being
considered by the European Commission on information security, including
the promotion of TTPs. It also outlines discussions on similar issues taking
place within the OECD. Section IV discusses cryptography and the role it
has to play in securing the confidentiality and integrity of data. Section
V outlines the potential benefits of a TTP network in the context of information
security and indicates the range of services that TTPs might provide. Section
VI outlines the structure of the Government's proposals and seeks comments
on the areas it considers necessary to cover as the basis for legislation.
Section VII highlights those issues on which the Government would particularly
The annexes to this paper contain:
A paper on the legal recognition of digital signatures.
A paper on legal access to keys held by TTPs: International Aspects
An explanation of the proposed licensing criteria.
A glossary of terms.
A paper on the minimum functional requirements of an international TTP
Frequently asked Questions and Answers.
Comments are invited on the issues set out in this consultation paper by
Friday 30 May 1997. It may not be possible to take account of any
responses received after this deadline given the Government's wish to move
ahead quickly with the introduction of legislative proposals.
To obtain additional copies of this document, please ring 0171
510 0174 or fax 0171 510 0197, quoting DTI reference: URN 97/669.
You may access the document on the Internet at:
Comments should be sent in writing to Nigel Hickson at the following
Information Security Policy Group
Communication & Information Industries Directorate
Department of Trade & Industry
151 Buckingham Palace Road
London SW1W 9SS
Alternatively comments may be sent to the following e-mail address:-
[firstname.lastname@example.org] or faxed to 0171 931 7194
The Government does not intend to respond to individual comments. However,
all comments received will be acknowledged and will be taken into account
when proposals for legislation are introduced.
A summary of comments, subject to requests for confidentiality, will be published
prior to legislative proposals.
SECTION II: GOVERNMENT POLICY FRAMEWORK
The Government's policy on TTPs and the provision of encryption services
for the protection of information transmitted electronically should be viewed
in the context of the Government's broader objectives for building the
information society in the UK.
The Government's view is that new developments in information and communication
technologies offer exciting opportunities in the UK. Advances in the computing,
telecommunications and creative sectors, combined with the world-wide explosion
of electronic commerce, are revolutionising the delivery and availability
of information and services. The Government wants to ensure that everyone
in the UK is able to benefit from these developments and that they are able
to play a part in the emerging information society.
The UK is already a world leader in telecommunications, broadcasting and
multimedia - benefiting from Government action to liberalise the market and
promote competition. Both business and consumers are therefore well placed
to take advantage of the opportunities on offer. For example, many firms
are already finding that their ability to make effective use of new information
and communication technologies is crucial to their performance. Indeed the
increased use by British business of information technology over the last
decade has been a major factor in their improved competitive position in
Within this framework the Government has an important role to play in providing
leadership in certain key areas. These include:-
a) Creating the right regulatory framework so that industry and the economy
can flourish, while assuring proper protection for the public.
b) Promoting appropriate use of new technologies - in schools and colleges,
museums and libraries, in the health service and in all areas of public life.
c) Using information technology to improve efficiency in Government and the
effectiveness of the services it delivers to industry and the public.
d) Acting as a catalyst for new developments, bringing people together and
working in partnership with the private sector and local authorities to make
The Government has adopted a national strategy for the information society
- the Information Society Initiative - which seeks to include and
enrol everyone in the UK through a number of complementary initiatives applying
across all sectors of society.
- IT for All - a programme which offers the public a wide range of
opportunities to try and more readily understand technologies.
- Programme for Business - where business and commerce are
provided with wide- ranging resources, support and funding to help them thrive
in the emerging information based economy.
- government.direct - a recent Green Paper which sets out a
vision for the electronic delivery of Government services, making them more
accessible, more available and easier to use.
- The Education Department's Superhighways Initiative
which supports a series of projects designed to raise awareness of computer
networks in education and show how they can best enrich the delivery of
The growth in electronic commerce offers great opportunities for the business
community and consumers. The Government recognises however that it also brings
with it significant risks. In particular, the ability to conduct all kinds
of transactions across open information and communication networks like the
Internet has led to increasing concern about the security of the information
itself. In this context, businesses in particular have raised legitimate
concerns about the adequacy of security measures for protecting the integrity
and confidentiality of information transmitted on public telecommunication
networks. It is clear that increasingly the concerns of users are not only
about the availability of the technology and its benefits, but about the
level of trust that both business and the public can place in such technology.
These concerns represent a significant obstacle to the continued take up
of electronic commerce in the UK. Hence the issue of how best to facilitate
the provision of secure electronic commerce has become a key component of
the Government's objectives for building the information society.
One of the most effective security tools for protecting the integrity and
confidentiality of information transmitted on open electronic networks is
cryptography. Over the last 2 years there has been a growing demand from
industry for strong encryption services on communications networks and the
Government recognises that this can help solve some security problems. In
developing a policy in this area however the Government has to take many
different interests into account. For example, a significant area for
consideration in this context is how the spread and availability of encryption
technology will affect the ability of the authorities to continue to fight
serious crime and terrorism, and protect UK economic well being and national
security. In particular, the Government considers it essential that the ability
of security, intelligence and law enforcement agencies to conduct effective
legal interception of communications under the Interception of Communications
Act 1985 is preserved in any policy proposals. Another key area in developing
this policy is the need to ensure the privacy of individuals. That is why
the Government is in favour of developing a policy that will facilitate the
use of cryptography for everyone. The rights of individual privacy will be
strongly safeguarded by the technology made available, and the tightly controlled
legal access conditions that these proposals wish to introduce.
It is the need to strike a balance between the commercial requirement for
robust encryption services, with the need to protect users, and the need
to safeguard law enforcement and national security requirements which led
to an announcement by the Government in June 1996 of its policy towards
encryption services on public networks. It is on the basis of the policy
outlined then that the detailed proposals outlined in this paper- for the
introduction of legislation to license TTPs wishing to provide a range of
encryption services to their clients - are now being brought forward.
Whatever services TTPs provide, they must be trusted by their clients. Indeed
in a global trading environment there will have to be trust of, and between,
the various bodies fulfilling this function. To engender such trust, TTPs
providing encryption services to the general public will be licensed. The
licensing regime will seek to ensure that organisations who wish to establish
themselves as TTPs will be fit for the purpose. It will aim to protect consumers
as well as to preserve the ability of the intelligence and law enforcement
agencies to fight serious crime and terrorism by establishing procedures
for disclosure to them of the encryption keys, under safeguards similar to
those which already exist for warranted interception under the Interception
of Communications Act 1985.
SECTION III: EUROPEAN UNION & OECD DEVELOPMENTS
The Government's initiative on TTPs will be of much greater significance
for industry if similar developments take place in the countries of our main
trading partners. The development of encryption services via TTPs requires
compatible mechanisms in other countries and the UK has been active in promoting
the concept through both bilateral and multilateral contacts. Within Europe
the main forum for discussion on such issues is the European Union, in particular
the European Commission where DG XIII has a small unit dedicated to information
In 1992 a Committee of Member States on information security issues (known
as SOG-IS) was established as a forum for Member States to advise the Commission
on the sort of initiatives that might be appropriate in this field. This
resulted in a programme of work on information security including the adoption
of the ITSEC criteria (first developed by the UK, France, Germany and the
Netherlands) and the first pilot projects involving the use of Trusted Third
Parties for digital signature services. In August 1994 the Commission Services
began developing a proposal for a further programme of work concentrating
this time exclusively on the development of Europe-wide network of Trusted
Third Party Services (ETS) for the provision of cryptographic key management
services (for both confidentiality and integrity).
The Commission's proposal was the subject of lengthy debate by Member State
representatives, both in terms of the relative role of the member States
and the Commission in introducing such pan-EU services and the law enforcement
and national security issues pertaining to confidentiality services. As a
consequence, and due to other priorities, the Commission's proposals have
been delayed. It is hoped however that there will be a policy announcement
in 1997. In the meantime the Commission is sponsoring work on a number of
pilot projects concerning Trusted Third Parties in the ETS Preparatory Programme.
Of the eight projects recently funded by the Commission, UK companies are
involved in seven. The Government will be closely monitoring developments
on these projects to learn lessons for its own licensing regulations.
It is recognised that complementary European Commision initiatives on Trusted
Third Parties would be appropriate to enable an EU wide network of TTPs to
be established. The Government has therefore, been working closely with the
European Commission on the scope and content of applicable measures. The
Government, in concert with other European countries, has recommended that
the Commission adopt measures to demonstrate, trial and pilot TTP projects
which would underpin the EU wide development of encryption services through
Information on any of the current TTP projects can be obtained from David
Herson (DG XIII/7) at the European Commission (e-mail
email@example.com) or from the Commission Web site at
The other main international forum for the discussion of cryptographic policy
has been the Organisation for Economic Co-operation and Development (OECD).
The OECD has taken an interest in information security issues for a number
of years and in December 1995 hosted a landmark conference between industry
and Government. This conference indicated that both international co-operation
between Governments, as well as close co-operation between government and
industry, would be key in developing acceptable and forward looking encryption
policies. The OECD therefore decided to establish an Expert Group to look
specifically at the development of cryptography guidelines as a direct guide
to national policy development in member countries. The Expert Group met
four times in 1996 and in December agreed a draft paper on Cryptography
Guidelines for OECD consideration. This paper is currently being considered
by member countries and will hopefully be issued as an OECD Recommendation
to member countries in late Spring 1997.
In terms of content, and with regard to OECD confidentiality, the paper outlines
eight key principles which any national encryption policy (including industry's
development of products) should observe. These are Trust in Cryptographic
Methods (vital if they are to be used), Choice of Cryptographic
Methods (allowing the user to chose from a variety of systems), Market
Driven Development of Cryptographic Methods (noting that it is primarily
for the market, rather than Governments, to bring forward solutions),
Standards for Cryptographic Methods (which should be promulgated in an
open way), Protection of Privacy and Personal Data (the importance
of individual privacy), Lawful Access (outlining the Government's
right to legally access data -whether or stored or in transmission - and
encryption keys), Liability (which the TTP must take on) and
International Co-operation (stressing the need for countries to work
together on global, rather than national, solutions).
The OECD exercise has gained considerable public exposure and the Government
hopes that the guidelines, when published, will make a major contribution
to the goal of developing global encryption services of direct benefit to
business whilst safeguarding individual privacy and the national security
concerns of member countries.
In addition to activities within the EU and OECD, a number of other fora
and groups are also working on related encryption initiatives. In Europe,
the Council of Europe has recently developed guidelines on Computer Crime,
specifically noting the adverse role cryptography could have in hampering
investigations. In the context of standards, both regional and global groupings
are producing encryption standards. In Europe ETSI are developing a specific
standard for Trusted Third Parties while SC27 (part of ISO) are developing
a specific standard for digital signature and encryption methods. In addition,
the UN (through UNCITRAL) and the American Bar Association (ABA) are developing,
and the EU considering the development of, digital signature guidelines.
Individual countries both in and outside Europe are also developing their
own national approaches. Whilst the US, France and the UK are perhaps unique
in having policies on Trusted Third Parties involving key escrow, Germany
has introduced a draft Digital Signature Law, Canada is developing a Federal
Public Key Infrastructure, and Australia is developing a national Public
Key Authentication Framework.
SECTION IV: CRYPTOGRAPHY
Cryptography is the art or science of keeping a message secure. It can be
used to hide its information content, establish authenticity, prevent undetected
modification, prevent repudiation, and/or prevent unauthorised use.
Cryptography can be used to protect the confidentiality of data, such as
financial data or personal records, whether it is in storage or in transit.
Cryptography can also be used to verify the integrity of data by revealing
whether it has been altered and identifying the person or device that sent
it. These techniques are critical to the development and use of national
and global information and communications networks and technologies, as well
as the development of electronic commerce.
The development of information and communications technologies that allow
vast quantities of data to be transmitted, copied and stored quickly has
promoted a growing concern for the protection of privacy and confidentiality
of data. Effective cryptography is therefore an essential tool in a network
environment for protecting the privacy of personal information and the secrecy
of confidential business information.
Encryption uses a mathematical algorithm to encrypt data in order to render
it unintelligible to anyone who does not possess certain secret information
(cryptographic key) necessary for decryption of the encrypted data. Traditionally
the secret cryptographic key needs to be agreed in advance of any communication.
The secret key is used to both encrypt and decrypt the message. The security
of this type of encryption lies in protecting the key; divulging it would
allow anyone to decrypt the message. Therefore great care needs to be taken
to protect the key, and therein lies the difficulty of adopting such a system
for widespread use - how to protect the key and at the same time, distribute
it to those you wish to communicate with.
In the mid 1970s a new development in cryptography introduced the "public
key" concept, which allows parties to exchange encrypted data without
communicating a shared secret key in advance. Rather than sharing one secret
key, this concept uses two keys: a "public key" that can be disclosed
to the public and used to encrypt data, and a corresponding "private
key" that is kept secret and used to decrypt the data. Another important
use of public key cryptography is "digital signature", which is used to verify
the integrity or the sender or data. In this case, the private key is used
to sign a transmission, while the corresponding public key is used to verify
Public key cryptography offers the benefits of confidential transmissions
and digital signature in an open network environment in which parties do
not know one another in advance, and without the need to share secret key
information. The Government believes this is vital for electronic commerce
between trading partners who may, of course, not know each other.
For a public key system to work in the public domain, not only must the public
key be freely accessible, but also the user must have a reliable way of verifying
the authenticity of public keys. Such an infrastructure, for managing and
certifying public keys, can be based on a hierarchy or network of certificate
authorities or Trusted Third Parties. A TTP would be a trusted source
of information about the keyholder in the form of a "public key certificate".
The certificate could be used to verify certain information exchanged over
However, the widespread use of cryptography raises other important issues,
and cryptography policy should, therefore, balance a number of varied interests.
In addition to its role in the operation of electronic commerce, cryptography
has implications for the protection of privacy, intellectual property, business
and financial information, as well as law enforcement and national security.
A critical issue presented by cryptography is the possible conflict between
privacy and law enforcement. While the use of cryptography is important for
the protection of privacy, it can also be put to improper use such as hiding
the illegal activities of criminals and terrorists. Consequently, there is
a requirement to establish appropriate mechanisms for lawful access to encrypted
information. In the UK, security, intelligence and law enforcement agencies
can lawfully intercept communications under certain conditions in accordance
with the Interception of Communications Act 1985 (IOCA). Unfortunately, the
use of cryptography has the potential to seriously hamper this important
law enforcement tool, by making legally intercepted messages unreadable,
to the detriment of all law abiding citizens. Private parties may also have
legitimate reasons and a legal basis to obtain access to encrypted information.
For instance, an employee who has encrypted files may resign without leaving
information concerning the private key, or the death of an individual may
require a Solicitor to have access to their encrypted information. In all
of these circumstances TTPs can enable legitimate access to the keys to unlock
Legal access can be achieved by making use of a key escrow/recovery system.
Key recovery allows authorised persons (for example users, officers of an
organisation and law enforcement authorities) under certain conditions, to
decrypt messages with the help of cryptographic key information, held in
escrow, and supplied by one or more trusted parties. In such cases legal
access is to the private confidentiality key.
Another important issue is the fact that cryptographic products and technology
are also subject to export controls. The UK, and all EU member states, are
bound by the Council Regulation (EC) No. 3381/94 linked to the Council Decision
No. 941/942 CFSP. The introduction of these TTP proposals will hopefully
lead to relaxed export licensing procedures for cryptographic products used
SECTION V: TRUSTED THIRD PARTIES
A TTP can be described as an entity trusted by other entities with respect
to security related services and activities. A TTP would be used to offer
value added services to users wishing to enhance the trust and business
confidence in the services they receive, and to facilitate secure communications
between business trading partners. TTPs need to offer value with regard to
integrity or confidentiality and assurance of the services and information
involved in the communications between business applications. A user in the
UK, under these proposals, would be free to choose their own TTP.
Typically, a TTP will be an organisation, licensed by the DTI, which will
provide encryption services to a wide range of bodies across all sectors.
The use of a TTP is dependent on the fundamental requirement that it is trusted
by the entities it serves to perform certain functions. A TTP can also assure
the user of the trustworthiness of another user to the extent that they are
who they claim to be.
In practice, TTPs could exist in both public and private domains, at the
local, national and international level. TTPs should have trust agreements
arranged with other TTPs to form a network, thus allowing a user to communicate
securely with every user of every TTP with whom his TTP has an agreement.
The proposed legislation is solely concerned with licensing those TTPs offering
services to business and the public and not intra-company TTPs. TTPs, as
noted above, are required to interwork and therefore a key management
architecture is required to facilitate both the cross certification of keys
and legal access requirements. The minimum functional requirements the Government
considers suitable for such an international TTP architecture are outlined
at Annex E.
Some of the commercial and business benefits of a Licensed TTP solution are:-
TTPs are being licensed to protect the consumer - Users will need
to be protected from sub-standard TTPs. Users must also be assured of a TTPs
trustworthiness, technical ability, financial stability, confidentiality
of operations and ability to take legal liability for their actions.
TTPs will be able to offer interoperability of secure services hitherto
unavailable - While encryption products are available in the UK domestic
market, interoperability between different products is not possible. A lack
of standards for algorithms and interfacing, coupled with the high burden
of key management has created a fragmented market. Today's encryption market
is thus very costly. Passing the key management to TTPs and building products
to a common architecture will allow access to cryptography for everyone with
a PC. Encrypted communications, therefore, will no longer be limited to
Governments and larger organisations.
TTPs will allow UK Business to take advantage of secure electronic trading-
The wide availability of cryptography will allow more paper based
transactions to be conducted electronically. Time stamping, non repudiation,
confidentiality, authentication and integrity are all necessary to install
trust in the electronic age and to allow electronic contracts to take the
place of paper ones.
TTPs will also be able to offer Data recovery Services - At present,
if encryption keys are lost, stolen or deliberately withheld by disaffected
employees then the information will remain encrypted and may be lost to its
owner for ever. TTPs will be in a position to offer recovery of the keys
to their clients as they will store (or escrow) the keys.
TTP Encryption policy will help UK manufacturers to export robust encryption
within their products - Products that are designed to operate within
a TTP environment will be subjected to simpler export licence procedures,
thus allowing them to be exported with minimum restrictions. This increased
availability will stimulate a greater demand for encryption products both
in the UK and foreign markets. UK companies should be in a good position
to take advantage of this.
Use of licensed TTPs is voluntary - those wishing to do otherwise are
at liberty to do so - The market will decide if it wants to use TTP services
and not Government. The Government believes that the benefits of this scheme
will far outweigh any others. Of course those wishing to use any other
cryptographic solutions can continue to do so, but they will not be able
to benefit from the convenience, and interoperability of licensed TTP services.
UK taking lead in very important area - Many countries are currently
trying to develop a cryptographic policy. Many countries agree with the UK
that widespread use of cryptography must not be to the detriment of law
enforcement requirements. The Government believes that this scheme is the
best way to achieve this balance and that other countries may also see the
benefits and follow the UK lead.
Help to increase the Volume of electronic trading - Transactions over
the Internet are forecast to reach as much as £22 billion by 2005. Some
research suggests that the Internet will take 5 -10% of all retail traffic
by 2000. Various barriers (lack of security products and standards, and poor
interoperability) may impede this growth. The introduction of TTPs should
help in this respect.
SECTION VI: STRUCTURE OF THE PROPOSALS
The policy considerations for HMG which have determined the scope and content
of the proposed legislative headings which follow are outlined below:-
Positive Licensing regime
The Government believes that the positive (and individual) licensing
of TTPs (i.e. the body being licensed before the service can be provided)
is critical in allowing the initial assessment, monitoring and regulation
of a TTP that would meet the requirements of consumer protection, trust in
the market and security, intelligence and law enforcement access. Consumer
trust and acceptance are paramount as it is anticipated that licensed TTPs
will form the back bone of the Public Key Infrastructure in the UK which,
in itself, is a critical requirement for the growth of secure electronic
communication. Such licensing arrangements will, therefore, also apply to
TTPs solely providing public key certification services.
The Government has considered other routes such as negative licensing (where
bodies would be free to provide encryption services unless they breached
pre-set licensing conditions) and accreditation arrangements. These alternative
routes were not, however, considered adequate to facilitate the necessary
degree of consumer protection or trust. Either arrangement could, in the
Government's view, lead to the presence of unsuitable or incompetent TTPs,
thus significantly damaging the infant TTP market.
Voluntary use of TTPs
The legislation is directed solely towards the
provision of encryption services to subscribers
in the UK and not the use of
encryption. Organisations offering or providing encryption services
to the public in the UK, including those providing or advertising such services
from outside the UK, will be required to be licensed. (The Government is
also considering whether UK based bodies which provide encryption services
solely to clients outside of the UK should also require licensing).
Users, however, will remain at liberty to choose whether to make use
of TTPs, or to make other arrangements for their encryption requirements.
Key recovery from licensed TTPs.
In terms of Key Recovery the proposed legislation is concerned solely with
legal access to private encryption keys (which are used to protect the
confidentiality of information) required by the authorities in connection
with the lawful interception of communications (i.e. information on the move)
or for lawful access to data stored and encrypted by the clients of licensed
TTPs. There is, of course no intention for the Government to access
private keys used for only integrity functions. Legal access to encryption
keys will be permitted through serving warrants on TTPs.
The Government recognises that further legislation may be required in the
future to enable the appropriate authorities to obtain private encryption
keys other than those held by licensed TTPs.
Exclusions (e.g. intra-company TTPs)
The TTP legislation will not require intra-company TTPs (i.e.
organisations supplying encryption services to their own employees or those
within their own Group of companies) or similar closed user groups, to be
licensed. However, if within such a closed community an intra-company TTP
wishes to extend its services beyond the members of the group or, if it wishes
to interoperate with a licensed TTP, a licence will be required.
Encryption services as an integral part of another service (such as in the
scrambling of pay TV programmes or the authentication of credit cards) are
also excluded from this legislation.
The Government invites views on whether the suggested scope of an exclusion
from licensing for intra-company TTPs is appropriate in this context.
Various national and international bodies are currently considering a number
of issues concerning the legal recognition of electronic signatures. For
example, a note on the recommendations contained in a recent report by the
Society for Computers and Law on digital information and the requirements
of form generally is at Annex A. In the UK, research has shown that
uncertainty as to the legal effect of using electronic commerce is seen by
the business community as a considerable barrier to its development. In
particular, there is uncertainty as to whether a requirement in law for a
signature can be met using electronic technology. The Government is currently
considering how best to ensure that requirements of form laid down in statute
law can be met electronically. This is likely to be a massive undertaking
as it involves reviewing all existing legislation to identify those cases
where use of electronic technology would not meet legal requirements of
Two separate issues which need to be considered are how the identity of the
signatory of a document and the integrity of a document may be proved in
legal proceedings in the UK. These issues may arise where a digital document
is admissible in court and where digital signature satisfies relevant
legislation. Parties to encrypted documents may be able to agree between
themselves as a matter of contract law that they will accept a certificate
by their TTP as to these matters in any action against each other over the
contract. This would not however bind a third party and would not necessarily
assist if the validity of the contract were challenged.
The Government would welcome views on whether this legislation should establish
a rebuttable presumption in any proceedings that a document has been signed
by the person or persons named in a certificate issued by a licensed TTP
who has provided encryption services in relation to that document. A similar
presumption could also apply to the certification by a licensed TTP of the
integrity of a document. This would have the effect of placing the burden
of proof on a person wishing to challenge the identity of a signatory of
a document or the integrity of a document.
The Government invites views on whether, in the short term, it would
be sufficient for business to rely on agreements under contract regarding
the integrity of documents and identification of signatures; or whether it
would be helpful for legislation to introduce some form of rebuttable presumption
for the recognition of signed electronic documents.
Convention on key exchange to underpin TTP legislation
Although the legislation will require foreign TTPs offering or providing
encryption services to clients in the UK to have a registered base in the
UK (which will allow for the licensing of non-UK bodies with no trading presence
in the UK), there will be no provision requiring UK clients to use a UK licensed
TTP. They are, and will be, free to register with foreign TTPs. It will therefore
be necessary (for law enforcement purposes) to establish arrangements with
other countries for the exchange of keys. The UK Government believes that
these arrangements will be on the basis of dual legality i.e. whereby the
criteria for access is satisfied in both countries. The keys held by UK licensed
TTPs will not, under this legislation, be permitted to be disclosed to the
authorities of other countries unless such requests satisfy UK law and are
authorised by the competent UK authority. A fuller description of such
arrangements is at Annex B.
Licensing Criteria & Conditions
It is intended that the licensing conditions, as opposed to the criteria
on which licences will be granted, will not be prescribed in the legislation.
The legislation will provide that bodies wishing to offer or
provide encryption services to the public in the UK will be
required to obtain a licence. The legislation will give the Secretary of
State discretion to determine appropriate licence conditions.
The DTI has been chosen as the initial authority for the licensing, in view
of its experience in licensing telecommunications operators. Further
consideration will be given to whether the on-going enforcement task in relation
to these licences will also be handled by the DTI, or whether it will be
delegated. The legislation will include provisions to allow both licensing
and on-going enforcement to be delegated to a responsible designated body.
More detail about the structure of the regulatory arrangements will be included
in the further statement referred to in paragraph 3 above.
The duration of licences will be a minimum of five years. Licence fees will
be payable both on the grant of a licence and annually thereafter to meet
the cost of their issuing and enforcement.
The Government invites views on the appropriateness of these arrangements
for the licensing and regulation of TTPs.
Licensing Criteria & Conditions
As noted above the DTI or a designated body will be responsible for determining,
and enforcing compliance of TTPs with, the licensing conditions. DTI will
consult with other government departments and organisations on the practical,
legal or technical details as necessary.
Before the Licensing Authority will deem an organisation fit to receive a
licence to provide encryption services, it will need to be satisfied as to,
competence and trustworthiness of information security personnel
competence and trustworthiness of directors
competence of information security management
technical assurance of IT security equipment used for key management and
adherence to quality standards and procedures
adequate liability cover
ability to meet legal access conditions
the TTP's business plan and longevity of interest in market
isolation of TTP function from other business functions
interface requirements to other Licensed TTPs
structure and ownership
Annex C outlines in more detail the thinking behind the above criteria
and seeks comments and suggestions on their appropriateness. A register of
the holders of TTP licences, and the licences issued should be publicly
The licence conditions will include such conditions as are necessary to ensure
continued adherence to the licensing criteria. THis may include-:
provision of quality services to public
demonstration of co-operation to authority under legal access conditions
adequate co-operation with other licensed TTPs
The exact scope of licensing conditions applied to a TTP will depend, inter-alia,
on the encryption services being provided.
The Government seeks views on the proposed conditions.
Encryption that is used solely in the protection of a business service (e.g.
in pay TV systems or in payment systems), or encryption services that are
provided only to the employees of the service provider or those in the same
group of companies (see footnote 5) are outside the scope of this legislation.
For example, a home banking service offered by a bank to its clients, which
included a cryptographic functionality designed to protect the banking
transaction between a client and the bank, would not be covered by this
legislation. However, if the bank wished to extend the cryptography's
functionality and allow client to client communications, then this service
would be covered by the legislation, and the bank would need to apply for
a licence. Another example, of an excluded service, would be the key management
and certification services that might be offered by providers to credit card
companies to authenticate the users of their cards.
Similarly, an employer offering cryptographic protection between its employees,
(whatever the functionality) would not be covered by this legislation. However
should it decide to extend the protection service to its suppliers, then
it would require a licence.
In many cases such "intra-group" TTPs are likely to seek a license given
their need to interoperate with organisations outside their own organisation,
or with clients of a licensed TTP.
The Government invites comments on whether specific exemptions for
particular organisations offering encryption services may be appropriate,
depending on the nature of services offered.
The Government also invites comments on whether it is thought desirable
to licence the provision of encryption services to businesses and citizens
wholly outside the UK.
The legislation will prohibit an organisation from offering or providing
encryption services to the UK public without a licence. Prohibition
will be irrespective of whether a charge is made for such services. The offering
of encryption services to the UK public (for example via the Internet) by
an unlicensed TTP outside of the UK will also be prohibited. For this purpose,
it may be necessary to place restrictions on the advertising and marketing
of such services to the public.
The legislation will be framed so as to give existing providers of encryption
services time to obtain licences, as TTPs, before the prohibitions outlined
above come into effect.
For the purposes of this legislation the terms public and encryption
services will encompass the following meanings:
Public will be defined to cover any natural or legal person
in the UK.
Encryption services is meant to encompass any service, whether provided
free or not, which involves any or all of the following cryptographic
functionality - key management, key recovery, key certification, key storage,
message integrity (through the use of digital signatures) key generation,
time stamping, or key revocation services (whether for integrity or
confidentiality), which are offered in a manner which allows a client to
determine a choice of cryptographic key or allows the client a choice of
The legislation will also prohibit a UK licensed TTP from contracting with
any non licensed TTP for the purposes of carrying out encryption services.
In order to build up a TTP network it may be necessary from time to time
for UK licensed TTPs to recognise non-licensed bodies from other countries
where no licensing regime exists. In such cases recognition should not be
given to an unlicensed body until the UK licensed TTP is satisfied that such
recognition would not put at risk its ability to meet any of its obligations
under this, or other, legislation, or international obligations (such as
those concerning data protection).
The legislation will provide that the Secretary of State may issue a warrant
requiring a TTP to disclose private encryption keys (protecting the
confidentiality of information) of a body covered by that warrant. Under
such legal access arrangements, there will be safeguards broadly similar
to those in the Interception of Communications Act 1985, under which a Secretary
of State may issue a warrant requiring the interception of communications
For the purposes of legal access, a central repository might be nominated
or established by the UK authorities. The purpose of this central repository
will be to act as a single point of contact for interfacing between a licensed
TTP and the security, intelligence and law enforcement agencies who have
obtained a warrant requiring access to a client's private encryption keys.
The central repository would, therefore, be responsible for serving the warrant
(whether by physical or electronic means) on the TTP and distributing the
encryption key to the appropriate agency.
It is envisaged that a warrant would require a TTP to disclose, in a timely
manner, cryptographic key material to a central repository (acting on behalf
of an agency). It is envisaged that it should take no more than an
hour for a TTP, once presented with a validated warrant request, to deposit
the appropriate client encryption key(s) with the central repository.
The procedures and methods to enable such timely disclosure will be determined
between the licensed TTP and the central repository. The costs of obtaining
a warrant and serving it on a TTP, as well as the direct costs of the TTP
complying with such a request, shall be borne by the appropriate agency.
Costs of implementing and maintaining the technical capabilities for legal
access shall, however, be borne by the TTP.
In order to comply with the above legal access provision, TTPs will be
to have the ability to deliver cryptographic key material by secure electronic
means to a central repository on receipt of a validated warrant.
to demonstrate the ability to recognise a duly authorised warrant served
by the central repository, and to comply only with such a warrant.
to be responsible for facilitating all measures necessary for legal access.
to keep auditable records of legal access requests.
at all times, not to deliberately or negligently jeopardise the integrity
of any legal access request, or to disclose the identity of the target of
such a request.
In addition to disclosure under the Legal Access provisions noted
above the TTP may also release the private encryption key of the client under
contractual arrangements between the two parties. Such arrangements may,
for example, ensure that keys which have been used to encrypt company files
can be released when the user leaves the employ of the client company. Other
arrangements allowing third party access by a solicitor, or other persons,
may also be agreed between the parties in certain circumstances.
The Government seeks views on whether secure electronic methods for
the delivery of electronic warrants by the central repository and the subsequent
delivery of keys by the TTP should be introduced.
The Government also seeks views on whether the legislation specifically
needs to refer to other forms of legal access including a civil court order
for access to cryptographic keys used to protect information relating to
civil matters such as bankruptcy.
It is recognised that in order for business and the public to have trust
in TTPs, some forms of sanction will be required against those either not
complying with the conditions of the licence or, more seriously, providing
encryption services without a valid licence. On the latter, we intend that
it will be a criminal offence for a body to offer or provide licensable
encryption services to the UK public without a valid licence. We consider
- again on grounds of consumer confidence - that it may also be appropriate
for the legislation to make it a specific criminal offence for a licensed
TTP deliberately to disclose a client's private encryption key (or for an
employee of such a TTP to do so), other than pursuant to any legal requirement,
or permission of the client, to do so. There are, however, existing provisions
(including the Data Protection Act and the Computer Misuse Act) which would,
in some circumstances, already apply to the disclosure of a client's private
encryption key in this respect.
The Government seeks views on whether deliberate (and perhaps wilfully
negligent) disclosure of a client's private encryption key should be a specific
criminal offence, or whether existing civil and criminal sanctions
Other types of sanction will be necessary for non-compliance by TTPs with
other licence conditions. Such sanctions may include fines, specific orders
issued by the regulator, and (in extremis) withdrawal of a licence.
TTPs will be liable for the protection of the private encryption keys of
clients at all times while they are in their possession. They will also be
liable for the protection of hierarchical keys upon which the secrecy of
client keys or system keys are dependant. In the event of loss or disclosure
(whether deliberate or accidental) of keys the TTP will be required to have
in place adequate arrangements to compensate any loss suffered by its clients
or clients of other TTPs. The TTP will be required to demonstrate, to the
satisfaction of the Licensing Authority, that such arrangements have been
made. TTPs will also have vicarious liability for acts of their employees.
In order to ensure adequate consumer protection the Government is minded
to impose a form of strict liability on TTPs in relation to the compromise
or disclosure of a client's private encryption key. A TTP would be strictly
liable if such a key was disclosed other than by agreement with its client
(but see paragraph 88 for circumstances in which the authorities have legally
obtained the key). The client would only have to establish disclosure and
not responsibility for such disclosure. It would be a defence for the TTP
to show that the client itself was responsible for the loss or compromise
of his own private keys (whether those for integrity or confidentiality).
Since the TTPs would have strict liability, the Government also proposes
to limit the amount of compensation payable by TTPs to the client if disclosure
(or compromise) of the key was established by the Court.
As the concept of fault (i.e. of either the TTP or another party (e.g. the
central repository) is not an issue in such proceedings there would also
be - in cases of a judgement against a TTP - an automatic referral to a Tribunal
(established under the legislation). It would then be for the Tribunal to
determine whether there had been legal access under warrant to the key, and,
if so, whether the responsibility for the disclosure (or compromise) lay
with the central repository or the security, intelligence or law enforcement
agencies. If so, the Tribunal would order recompense to the TTP for the loss
it had paid the TTP client and would publish its findings accordingly. Liability
cover and compensation above the minimum level will be at the discretion
of the TTP and its clients and will be dealt with by individual contract.
These arrangements, we believe, balance the rights of the TTP clients to
compensation for loss caused by disclosure of their private encryption keys,
against protection of TTPs from unlimited liability.
The Government invites comments on whether the principle of strict
liability (as described above) is appropriate in these circumstances.
Appeals and Tribunal
Careful consideration will be needed of the extent to which decisions taken
about the granting of licences and their enforcement and amendment should
be appealable. The Government sees merit, in terms of increasing the industry's
confidence in the regulatory process, for some form of appeals body to be
created which is independent of the parts of the Government responsible for
licensing and enforcement.
The Government seeks views on whether, in principle, an independent
appeals body (such as a Tribunal, separate from that referred to below) should
A Tribunal would also be established, which would deal both with references
from the Courts under the strict liability procedures (described above) and
applications from the clients of TTPs who believe that their keys may have
been subject to legal access. As with the similar Tribunal established under
IOCA, the Tribunal's function would be to ascertain whether warranted access
had taken place and, if so, whether any contravention of the legislation
The Government seeks views on whether the above duties of an independent
Tribunal are appropriate.
Location of TTPs
All organisations wishing to be licensed in the UK as TTPs will be required
to register a UK address (if they do not already have one). This address
is necessary to ensure compliance with the legal access conditions, Regulatory
Orders and other sanctions. It will not be necessary for the escrowed keys
themselves to be held in the UK, but only that they are delivered to the
SECTION VII: Moving Ahead
The Government invites comments on this paper until 30 May 1997 (see
Introduction for information on where to send comments). In particular
the Government would like to receive views on:-
Paragraph 50 - Whether the suggested scope of an exclusion from
licensing for intra-company TTPs is appropriate in this context.
Paragraph 54 - Whether, in the short term, it would be sufficient
for business to rely on agreements under contract regarding the integrity
of documents and identification of signatures; or whether it would be helpful
for legislation to introduce some form of rebuttable presumption for the
recognition of signed electronic documents.
Paragraph 60 - The appropriateness of the proposed arrangements
for the licensing and regulation of TTPs.
Paragraph 65 - Where views are sought on the proposed
Paragraph 70 - What, if any, specific exemptions
for particular organisations offering encryption services would be appropriate
depending on the nature of services offered?
Paragraph 71 - Whether it is thought desirable to licence the provision
of encryption services to businesses and citizens wholly outside the UK?
Paragraph 81 - Should secure electronic methods for the
delivery of electronic warrants by the central repository and the subsequent
delivery of keys by the TTP be introduced?
Paragraph 82 - Does the legislation specifically need to refer
to other forms of legal access including a civil court order for access to
cryptographic keys used to protect information relating to civil matters
such as bankruptcy?
Paragraph 84 - Should deliberate (and perhaps wilfully negligent)
disclosure of a client's private encryption key be a specific criminal offence,
or would existing civil and criminal sanctions suffice?
Paragraph 89 - Whether the principle of strict liability (as described
) is appropriate in these circumstances?
Paragraph 91 - Whether, in principle, an independent appeals body
(such as a Tribunal, separate from that referred to below) should be created
Paragraph 93 - Whether the proposed duties of an independent
Annex C - Would mandatory ITSEC formal evaluation be appropriate?
96. The Government will need to consider the comments received and, in some
cases, discuss them with their originators. A summary of comments will be
published prior to the introduction of legislative proposals, subject to
requests for confidentiality.
Legal Recognition of Digital Signatures
The emergence of electronic commerce will, to a large extent, be determined
by the market both in term of the availability of technology and the trust
business has in it. Governments can, however, help to facilitate secure
communications by helping to provide the appropriate regulatory and legal
infrastructures. Apart from the licensing of Trusted Third Parties, which
the proposed legislation will deal with, Governments may also wish to ensure
that electronic communications, especially when used for electronic contracts,
can be legally recognised. Although electronic "partners" may well be prepared
to contract with one another on the basis of "trust" (as many organisations
do already) there is a perception that some form of legislation should underpin
the basis of this electronic communication. For example, if there were a
dispute on the alteration, or disclosure of a message, recourse to the courts
may well be appropriate.
In recognition of the possible need to introduce new, or amend existing,
legislation to allow for the recognition of digital transactions, and
particularly digital signatures, the Government has welcomed the work of
the Society for Computers and Law. The group, co-ordinated and facilitated
by the Commercial Law Unit at Queen Mary and Westfield College has examined
whether current English legislation may prevent electronic contracts being
enforced; and - if so - what steps might be taken to address the issue. It
was recognised that Scottish law, which is different in some respects, would
have to be, and is being, looked at separately.
The Group has now made the Government aware of their findings on both of
the above counts. To answer the first question the Group analysed those terms
in legislation which pertained to the transmission of electronic information.
They thus considered whether the existing usage of words such as "information",
"document", "recording", "writing" and "signature" had meanings, in their
legislative context, which could extend to digital electronic information.
Basically, they found that all the above terms, and others, could be extrapolated
to cover electronic information apart from the terms "signatures", "writing"
and (more obviously) "physical writing". These latter terms, they suggested,
had meanings which generally pertained to the "physical " world of documents
and ledgers, rather than to the electronic one. Thus they suggested that
by altering, or perhaps extending the general meaning of these words, it
would be possible for future legislation to be electronic proof (so
to speak). For existing legislation, however, the Group concluded that piecemeal
change would probably be more appropriate. This being based on the vast amount
of exiting law which has references to "writing" and "signatures" in, and
the realisation that some of this body of law may actually require
physical actions (such as a signature in writing for some legal
In light of these findings, DTI, and other interested parties, may now wish
to consider whether these measures, or any others should be taken forward.
Introducing changes to the above terms through the use of the Interpretation
Act (as recommended by the Group) is a complex matter and would, necessarily
require primary legislation. Government will also no doubt consider whether,
and if so how, the further (and perhaps even more difficult) task, of examining
the current legislation - to see where the terms "signature" and "writing"
need amending, can be taken forward.
These are complex issues and cannot be rushed. Such changes will possibly
help to underpin secure electronic commerce for a long time to come. We cannot
afford therefore to get it wrong.
The picture is further complicated by the fact that electronic commerce is
global in nature. The contracting parties will - possibly in the majority
of cases - not both be in this country and therefore the law of a different
jurisdiction may also be relevant. In recognition of this a number of different
bodies (both public and private) as well as different Governments, are
contemplating issues of digital signature recognition. Perhaps the most important
is the work being undertaken by the United Nations Commission on International
Trade Law (known as UNCITRAL). The latter set up a working party 1995 to
try and develop a "Model Law" which would aid members in developing compatible
and broadly similar legislation. This being on the simple basis that issues
such as dispute resolution, may be easier to handle where legislation is
broadly similar, rather than totally different. The "Model Law" has now been
published and has already formed the basis of legislation in a number of
US States. The Group's recommendations, noted above, is also broadly compatible
with the UNCITRAL approach. Work at the UN, however, does not stop with the
Model Law. A new working group of UNCITRAL has now been commissioned to look
at the process of using digital signatures. They will be exploring such issues
as the role, and responsibilities of Certification agents, and how the legal
certainty of a signature relates to the technological process being used
to sign data.
Another initiative has come forward from the American Bar Association (ABA)
who have produced their own legal guidelines on both the use and recognition
of digital signatures. The European Commission has also recently initiated
a number of studies of the legal recognition of digital signatures perhaps
as a forerunner to the emergence of guidelines of their own.
The DTI, and other interested Government Departments, will take note of these
developments in considering what steps we need to take.
LEGAL ACCESS TO KEYS HELD BY TRUSTED THIRD PARTIES:
1. If the UK and other countries adopt a system of Trusted Third Parties
(TTPs) providing confidentiality services including encryption on a key escrow
basis, it will be open to encryption users to register with a TTP abroad.
Unless workable arrangements are in place for the authorities to gain access
to keys escrowed with TTPs in other countries, criminals may choose to register
with TTPs abroad in order to evade national legislation providing for access
to keys held by TTPs licensed in their own country.
2. Direct access to TTPs by foreign authorities would raise a number of concerns,
the host country might be concerned that access to certain encrypted data
might be detrimental to its national security and economic wellbeing;
in the law enforcement domain, keys might be sought in connection with the
investigation of offences abroad which would not be serious enough to justify
interception or key access under the host country's own legislation;
any indication that key access might be inadequately controlled could undermine
the confidence of the public and industry in the integrity and security of
3. To meet these concerns the host country's authority would need to have
full information on the foreign authority's case for seeking disclosure of
keys, in order to enable a decision to be taken on whether or not to serve
a warrant on the TTP.
4. It has been suggested that some of these concerns might be met if, rather
than permitting the release of encryption keys at the request of a foreign
authority, international arrangements provided for the passing of plain text
of decrypted material.
5. Provision of plain text may be adequate where the need is for decryption
of stored material seized for evidential purposes. Arrangements for the provision
of plain text in such cases might be pursued through:
bilateral agreements, or;
(where plain text is required for evidential purposes) agreements based on
existing arrangements for mutual judicial cooperation.
6. However, the provision of plain text is unlikely to be practical where
the need is for urgent decryption of intercepted communications or decryption
of stored data to provide time critical operational intelligence. In these
cases arrangements for the release of keys to the requesting authority would
Arrangements for key access
7. Arrangements for lawful key access need to:
create an enforceable obligation on TTPs to disclose keys when required to
protect TTPs from any criminal or civil liability which might arise from
the disclosure of keys.
8. These aims would need to be achieved by national legislation in the state
which has jurisdiction over the TTP's actions. If it is accepted, as argued
in paragraphs 2 4 above, that there should not be a system of automatic
recognition of warrants from foreign authorities, then the legislation would
need to provide for the issue of a national warrant by the competent authority
in the "receiving" state, within an agreed framework of arrangements for
international cooperation. It is recognised that this sort of procedure will
introduce some delays into the process of obtaining keys, but these should
be considerably less than those which would arise from the provision of plain
9. The criteria for granting a key access request from another state might
the request has been made by a recognised competent authority in the "requesting"
state (this might be an executive or a judicial authority according to the
law of the requesting state);
the request discloses information which satisfies the competent authority
in the receiving state that the release of keys is required for the prevention
or investigation of serious criminal offences, or in the interests of the
national security or economic wellbeing of the requesting state;
the request satisfies the competent authority in the receiving state that
release of the requested keys would not adversely affect the national security
or economic interests of the receiving state or any friendly state;
the receiving authority is satisfied that there are adequate arrangements
in the requesting state for ensuring that keys are held securely, not used
for purposes other than those disclosed in the request, and are destroyed
when no longer required.
Form of agreement
10. The international arrangements could be provided for either by bilateral
agreements or a multilateral convention. The commitments created by any
convention should ideally be the minimum necessary to achieve the desired
states would be required to have legislation in place to enable them to consider
requests for key access from other states which are parties to the convention;
the competent authority to determine a request from another state should
be a matter for national legislation;
the authority in the receiving state should not be required to agree to any
request unless the criteria of its national law on key access are fulfilled;
a refusal by a competent national authority to comply with a request from
another state should not be reviewable by any international tribunal.
Explanation of Licensing criteria
Competence of information security personnel.
It will be necessary to ensure that TTP security personnel are competent,
suitably qualified, trusted & have successfully completed a recognised
security vetting procedure.
Competence of directors.
Checks will need to be undertaken to ensure that the background and other
business interests of directors would not compromise the trust placed in
Competence of information security management.
TTPs will need to demonstrate that their system security policy is suitable
for TTP operations and consistent with information security standards (such
as BS 7799).
Technical assurance of IT security equipment used for key management and
Evaluation of the security system and IT security products will need to
be undertaken, for example UK ITSEC, although formal evaluation by an independent
third party may not be the sole evaluation procedure.
The Government seeks comments on whether mandatory ITSEC formal evaluation
would be appropriate
Adherence to quality standards and procedures.
e.g. ISO 9000.
Assessment of business plan and longevity of interest in market.
TTPs will need to demonstrate that their interest in providing a TTP service
is not short term. They will also need to demonstrate that adequate procedures
are in place to ensure the integrity and confidentiality of all information,
in the event that the TTP withdraws such services.
Isolation of TTP function from other business functions.
Many organisations may wish to operate as TTPs while continuing other
business interests. A TTP may need, therefore, to demonstrate that the TTP
function is isolated from its other business functions.
Interface requirements to other Licensed TTPs.
In order to achieve widespread interoperability, TTPs will be required
to operate to common interface requirements.
Company structure and ownership.
Checks will be made to ensure that those who own, or effectively control,
an organisation, are suitable candidates for ownership of a TTP.
Glossary of Terms
The following terms are described for information only and are not intended
to be interpreted as legal definitions:
Authentication: The verification of a claimed identity.
Central Repository: Government department or agency set up by
Government to act as a point of contact for
interfacing between a TTP and the appropriate law
Confidentiality: The prevention of the unauthorised disclosure of
Cryptographic key: Is a parameter used with a cryptographic algorithm
to transform, validate, authenticate, encrypt or
Cryptography: The art or science of keeping messages secure.
Digital Signature: Data appended to a message that allows a recipient
of the message to prove the source and integrity of
Dual Legality: A legal request from a foreign agency must satisfy
legal access conditions in both the requesting
country and the country being asked.
Encryption Algorithm: A mathematical function used to change plaintext
into ciphertext (encryption) or vice versa
Integrity: Prevention of the unauthorised modification of
Key escrow / recovery A capability that allows authorised persons, under
certain prescribed conditions, to decrypt
ciphertext with the help of information supplied by
one or more trusted parties.
Key management: The process of generating, storing, distributing,
changing, and destroying cryptographic keys.
Key revocation: Notification that a public cryptographic key is no
Private key: The private (secret) part of a cryptographic key
pair. Knowledge of which should be strictly
Public key certificate: Public key information of an entity, signed by a
trusted entity to certify the integrity of the
Public Key Infrastructure Supporting infrastructure, including non-technical
(PKI): aspects, for the management of public keys.
Public key: The public (i.e. non secret) part of a
cryptographic key pair. This key is widely known
and no secrecy should be attached to it.
Time stamping: An electronic equivalent of mail franking.
Trusted Third Party An entity trusted by other entities with respect to
(TTP): security related services and activities.
Minimum Functional Requirements for an International TTP Architecture
1. The framework should provide benefits to the legitimate user. It must
support electronic business transactions in terms of integrity, authenticity
This is important in order to encourage widespread acceptance and justify
any costs for users.
2. It should provide for both national and international working.
Use of a local TTP would be encouraged; in some countries it might be
3. It should use well known techniques and thus be public and
It is recognised that well known techniques are essential for broad initial
acceptance and for subsequent confidence by users, although there is no direct
national security reasons for insisting upon this. Any truly international
system cannot, by definition, rely upon classified parts. This does not,
however, automatically exclude the system from use in protecting classified
4. It should support all forms of electronic communication.
One-way communications, such as e-mail, must be included, but any proposal
must be suitable for all forms of communication.
5. It should be compatible with different laws and regulations of
participating countries concerning interception, use, supply and export.
The need for licences or other forms of authorisation is unaltered, although
a successful system should aim to make licensing arrangements easier for
6. It should provide access under warrant (or other legally-constituted
form of authority) to the data specified in the warrant, which includes both
incoming and outgoing communications.
The warrant would be from a single jurisdiction.
7. It should not impede the due process of law and order. In particular,
it should allow near-real-time access when a warrant is held. The system
must not allow the user to detect that warranted access is taking or has
The system must cater for lawful access.
8. It should give the sender the opportunity to ensure that legitimate
access by the authorities to data specified by the warrant does not also
allow indefinite access.
There should therefore be technical and/or procedural means to enforce
the time limits (for access to the appropriate private confidentiality key)
laid down in the warrant. Such arrangements will help facilitate the confidence
9. It should provide for the use of a variety of data encryption algorithms
whether in hardware or software.
Use of software may not be appropriate for some security critical
applications, but it will inevitably be widely used and must therefore be
10. It should not be possible to misuse information obtained under a warrant
to fabricate evidence.
Separation between confidentiality and authentication/non-repudiation
is needed, not least to ensure that the ability of the authorities to decrypt
data does not also put them in a position of being able to impersonate
11. It should ensure that attempted abuse by the sender can be noticed
by the receiver.
It should be impractical for user to subvert or bypass the legal access
provisions. If the recipient contributes to the process of producing the
data encryption key then this applies to both parties.
12. It should not require a user to deal with a Trusted Third party in
Users should be able to choose their own TTP, but any framework should
not force users (on technical or national policy grounds) to deal with foreign
13. It should not require either regular or on-line communications between
Trusted Third Parties.
It would be unwise to presume permanent availability of all parts of a
network. TTPs need to provide a timely service, but not necessarily a 24-hour
one for users.
Frequently asked Questions and Answers
What is a TTP?
An entity trusted by other entities with respect to security related activities
Who will use a TTP?
Anyone who wishes to have secure communication between two parties, particularly
those that have never met.
Will use of a TTP be mandatory?
No. The market will decide if it wants to use TTP services. Those wishing
to do otherwise will be at liberty to do so.
Who will be able to be a TTP ?
Any commercial or non-profit organisation would be eligible provided that
it can meet the appropriate licensing conditions.
What are the benefits for business ?
A network of TTPs, operating to a common architecture should present significant
benefits. For example, availability and interoperability of encryption products;
a supporting infrastructure that facilitates international public key
certification for authenticity, integrity, and confidentiality; expensive
and complex key management tasks and secure backup facilities to prevent
irretrievable loss of information. Secure communication between unknown parties,
without the need to depend on either expensive or multiple solutions, will
become common place and thus lead to increased confidence and use of the
Why should users trust a TTP ?
There should be no less reason to trust a TTP than there is to trust, for
example, a bank. A licensing regime will help to ensure that only reputable
service providers are able to become TTPs. It is important to note that whilst
a TTP will hold private confidentiality keys in escrow, it will not normally
have access to the encrypted traffic as this will be sent by the user over
whichever telecoms network he chooses.
Will there be a Government TTP ?
Government departments will need TTP services as much as other organisations,
especially where business is transacted with the public.
Why the need for licensing ?
Given the position of trust that a TTP would hold, and the importance its
clients will attach to their reliability, some form of regulation of the
activities of a TTP is necessary if only to protect the public.
Will UK citizens need to register with a UK TTP ?
No, but any foreign TTPs offering services in the UK will need to meet the
UK licensing conditions.
Will you attempt to control the length of encryption keys ?
No. For use in the UK that is an issue for the market to decide.
What involvement will industry have in the policy process ?
As is made clear in Mr Taylor's statement on 10 June 1996, the DTI will conduct
more formal consultation with all interested parties prior to introducing
legislative proposals. This consultation paper forms the major part of that
ongoing consultation process.
When will legislation be passed ?
After this consultation period is complete and at the earliest opportunity
in the legislative programme. Other circumstances permitting, we hope to
bring forward legislative proposals during the next Parliamentary session.
Are you adopting a purely national approach ?
No. Electronic commerce is global in nature and the international perspective
needs to be fully taken into account. The UK approach is consistent with
ideas being discussed in other fora such as OECD and the European Union.
How will law enforcement access be achieved ?
Where a warrant has been obtained under due process of law, TTPs holding
secret confidentiality keys will be required to release them to the law
Will a TTP be able to access an encrypted message ?
No. It is important to be clear that it is not envisaged that the encrypted
communication would be routed via the TTP. Nor will the TTP encrypt the message,
it will merely assist (depending on the service offered) in the very complex
area of key management or Key Certification.
If such a system is not mandatory why bother, surely crooks and terrorists
will use something else ?
Criminals will often make use of whatever technology is conveniently available
to them. We expect TTPs to have a major role in conveying secure electronic
communications, especially where a payment for legitimate services is involved.
Surely this is just a front for security agencies to expand their "big
brother" role ?
No. The UK accepts that businesses have a need to safeguard both the integrity
and confidentiality of their information, and is keen to find effective means
of meeting this need. The TTP approach will provide such a means, but in
a way that would also meet another important need, namely to preserve the
effectiveness of the existing powers to intercept communications. Similar
safeguards to those that already exist under the Interception of Communications
Act 1985 will be established. Widespread encryption has the potential to
make legally intercepted messages unreadable, to the detriment of all law
What about export controls - will they be relaxed ?
Products for specific use within a licensed TTP network should not create
export difficulties. The fact that they would be for use under such a system
should allow them to be exported with minimum restrictions being applied.