Policy-Based Cryptographic Key Release System
| Field | Value |
|---|---|
| ARPA Order Number: | 8685 |
| Principal Investigator: | Dennis Branstad |
| Contractor: | Trusted Information Systems, Inc., 3060 Washington Road, Glenwood, Maryland 21738; Phone: (301) 854-6889; FAX: (301) 854-5363 |
| Subcontractors: | Dr. Dorothy Denning, Dr. Burton Kaliski, Dr. Warwick Ford, Russell Housley |
| Title of Effort: | Policy-Based Cryptographic Key Release System |
Objective:
The objective of this task is to develop an automated system that will
release cryptographic keys in accordance with a specified policy. The
dynamic relationships established among nations, military groups,
industrial consortia, business partnerships, and people require that
information protection policies be specific and dynamic. The key release
system to be developed will support policy specifications from all
parties having jurisdiction over the information and then enforce
security in accordance with this policy. The policy may be different for
each user, application, or cryptographic key. The cryptographic key
release system provides dynamic and flexible authorization rules for
releasing the key. The system will allow a set of authorization rules,
collectively called a key release policy, to be created to control the
release of a key.
Approach:
This task will identify the requirements for key release of potential
users, their managers (for organizational users), the law enforcement
organizations having jurisdiction in the location of use, and the
national security organizations having jurisdiction in the location of
use. A broad set of real and hypothetical requirements will be
identified. Real requirements will be used whenever possible (e.g., by
talking with users, their managers, and law enforcement personnel) and
hypothetical requirements will be used when required (i.e., when real
requirements are classified). The goal is to build a representative set
of requirements to be included in the release system without attempting
to be comprehensive or complete.
Using a set of real and theoretical requirements for key release, a release authorization language will be developed. Various hypothetical scenarios will be defined (e.g., a multi-national military communication system, a government agency's archival system, an individual's personal records management system, a family's financial system, a corporation's vital records system, an international electronic commerce trading system) for which various key release policies could be specified. An optional automated key release prototype system will be developed during the second year to demonstrate the feasibility and effectiveness of dynamic cryptographic key release.
Recent Accomplishments:
The KRP project achieved several major accomplishments this year. They
can be categorized as requirements identification, language
specification, policy administration system, and project design review.
A Key Release Requirements document was prepared and reviewed by the KRP review team. This document presented the general requirements of individuals and organizations for specifying the acceptable conditions under which a cryptographic key could be released and to whom it could be released under those conditions.
The syntax and semantics of an initial KRP language for specifying these conditions (automated events such as time and human events such as death) were specified. Syntax defines the structure (i.e., acceptable sentences) of a language and semantics defines the meaning of the components (i.e., words, sentences) of the language. Additional components needed for the language were identified.
A prototype (demonstration) system was developed for administering the creation of cryptographic keys and release policies. It also protected the keys, enforced the policies, and administered the assignment of users to the roles they were authorized to perform.
A design review meeting (TIS staff and KRP consultants) was held for DARPA sponsors and NSA, NIST, and MITRE guests. The responses to the KRP language and system design, as well as to the demonstrations, were all positive.
Current Plan:
(Option 1) Implement an automated system which enforces the rules for
releasing cryptographic keys. The system shall consist of key-release
policy (KRP) creation modules, storage modules, and enforcement modules.
User roles to be supported include: policy domain originator, policy
component creator, key requester, policy event poster, policy event
verifier, policy administration system (PAL) manager, and PAL auditor.
Different interfaces may be provided for the different user roles. KRP
and PAL language specifications and system descriptions shall be
provided. Demonstrations and a final report shall be provided at the end
of the project.
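The enforcement and role model sketched in the Current Plan, as an added illustration rather than the KRP system's own code (the page gives no KRP or PAL syntax, so the policy here is a plain data structure): a key release policy combines an automated time condition with human events that must be posted by an event poster and confirmed by separate event verifiers, and every release decision is audited. The role names, event names and the audit-tuple layout are assumptions made for this example.

```python
from dataclasses import dataclass, field

@dataclass
class Event:
    posted_by: str                  # user who asserted the human event (e.g. a death)
    verified_by: set = field(default_factory=set)

@dataclass
class Policy:
    not_before: int                 # automated event: earliest release time (Unix seconds)
    required_events: dict           # event name -> number of distinct verifiers required
    requesters: set                 # users allowed to request this key

class KeyReleaseSystem:
    def __init__(self, roles):      # roles: user -> set of role names (assumed names)
        self.roles, self.policies, self.events, self.audit = roles, {}, {}, []

    def has_role(self, user, role):
        return role in self.roles.get(user, set())

    def post_event(self, user, name):
        if not self.has_role(user, "event_poster"):
            return False
        self.events.setdefault(name, Event(posted_by=user))
        return True

    def verify_event(self, user, name):
        ev = self.events.get(name)
        # Separation of duties: nobody may verify an event they posted themselves.
        if ev is None or ev.posted_by == user or not self.has_role(user, "event_verifier"):
            return False
        ev.verified_by.add(user)
        return True

    def verifiers(self, name):
        return len(self.events[name].verified_by) if name in self.events else 0

    def request_key(self, user, key_id, now):
        """Return (released, reason). Every decision, granted or denied, is audited."""
        pol = self.policies.get(key_id)
        if pol is None or user not in pol.requesters:
            reason = "requester not authorized"
        elif now < pol.not_before:
            reason = "time condition not met"
        else:
            unmet = [n for n, k in pol.required_events.items() if self.verifiers(n) < k]
            reason = ("unverified events: " + ",".join(unmet)) if unmet else "ok"
        self.audit.append((now, user, key_id, reason))
        return reason == "ok", reason
```

The audit list records denied requests as well as grants, which is what a PAL auditor role would review.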
Technology Transition:
Demonstrations of the KRP prototype system and presentations of the KRP
specification language have been made available to DARPA sponsors, NSA
coordinators, NIST interested parties, and FBI staff. Informal
presentations have been given to TIS visitors and formal presentations
have been made to several technical workshops. Research cooperation
meetings were held with several other DARPA researchers interested in
the language and system. Broader coverage and technology transfer await
funding of the second year of development of the language and system.
