Draft Software Key Escrow Encryption Export Criteria
(11/95 version)
 
Export control jurisdiction for a software key escrow encryption
product that meets the following criteria, as determined by the
U.S. Department of State after a one-time review, will be
transferred to the U.S. Department of Commerce for export
licensing. These criteria do not alter existing licensing
practices applicable to other encryption products or modes.
Vendors must still submit other encryption to the U.S. Department
of State for review and export licensing, or jurisdiction
transfer as appropriate. Vendors contemplating the development
of encryption products are encouraged to discuss their export
objectives with the U.S. Government.
 
Key Escrow Feature
 
1. The key(s) required to decrypt the product's key escrow
cryptographic functions' ciphertext shall be accessible
through a key escrow feature.
 
2. The product's key escrow cryptographic functions shall be
inoperable until the key(s) is escrowed in accordance with
#3.
 
3. The product's key escrow cryptographic functions' key(s)
shall be escrowed with escrow agent(s) certified by the U.S.
Government, or certified by foreign governments with which
the U.S. Government has formal agreements consistent with
U.S. law enforcement and national security requirements.
 
4. The product's key escrow cryptographic functions' ciphertext
shall contain, in an accessible format and with a reasonable
frequency, the identity of the key escrow agent(s) and
information sufficient for the escrow agent(s) to identify
the key(s) required to decrypt the ciphertext.
 
5. The product's key escrow feature shall allow access to the
key(s) needed to decrypt the product's ciphertext regardless
of whether the product generated or received the ciphertext.
 
6. The product's key escrow feature shall allow for the
recovery of multiple decryption keys during the period of
authorized access without requiring repeated presentations
of the access authorization to the key escrow agent(s).
 
Key Length Feature
 
7. The product's key escrow cryptographic functions shall use
an unclassified encryption algorithm with a key length not
to exceed sixty-four (64) bits.
 
8. The product's key escrow cryptographic functions shall not
provide the feature of multiple encryption (e.g.,
triple-DES).
 
Interoperability Feature
 
9. The product's key escrow cryptographic functions shall
interoperate only with key escrow cryptographic functions in
products that meet these criteria, and shall not
interoperate with the cryptographic functions of a product
whose key escrow encryption function has been altered,
bypassed, disabled, or otherwise rendered inoperative.
 
Design, Implementation, and Operational Assurance
 
10. The product shall be resistant to anything that could
disable or circumvent the attributes described in #1 through
#9.
 
11/6/95

