diff --git a/public/java/test/org/broadinstitute/sting/utils/crypt/CryptUtilsUnitTest.java b/public/java/test/org/broadinstitute/sting/utils/crypt/CryptUtilsUnitTest.java
index eae4486c6..f5cfea148 100644
--- a/public/java/test/org/broadinstitute/sting/utils/crypt/CryptUtilsUnitTest.java
+++ b/public/java/test/org/broadinstitute/sting/utils/crypt/CryptUtilsUnitTest.java
@@ -27,6 +27,7 @@ package org.broadinstitute.sting.utils.crypt;
 import org.broadinstitute.sting.BaseTest;
 import org.broadinstitute.sting.utils.exceptions.ReviewedStingException;
 import org.broadinstitute.sting.utils.exceptions.UserException;
+import org.testng.SkipException;
 import org.testng.annotations.DataProvider;
 import org.testng.annotations.Test;
 import org.testng.Assert;
@@ -64,11 +65,21 @@ public class CryptUtilsUnitTest extends BaseTest {
 
     @Test
     public void testGATKMasterKeyPairMutualDecryption() {
+        if ( gatkPrivateKeyExistsButReadPermissionDenied() ) {
+            throw new SkipException(String.format("Skipping test %s because we do not have permission to read the GATK private key",
+                                    "testGATKMasterKeyPairMutualDecryption"));
+        }
+
         Assert.assertTrue(CryptUtils.keysDecryptEachOther(CryptUtils.loadGATKMasterPrivateKey(), CryptUtils.loadGATKMasterPublicKey()));
     }
 
     @Test
     public void testGATKMasterPrivateKeyWithDistributedPublicKeyMutualDecryption() {
+        if ( gatkPrivateKeyExistsButReadPermissionDenied() ) {
+            throw new SkipException(String.format("Skipping test %s because we do not have permission to read the GATK private key",
+                                    "testGATKMasterPrivateKeyWithDistributedPublicKeyMutualDecryption"));
+        }
+
         Assert.assertTrue(CryptUtils.keysDecryptEachOther(CryptUtils.loadGATKMasterPrivateKey(), CryptUtils.loadGATKDistributedPublicKey()));
     }
 
@@ -156,6 +167,11 @@ public class CryptUtilsUnitTest extends BaseTest {
 
     @Test
     public void testLoadGATKMasterPrivateKey() {
+        if ( gatkPrivateKeyExistsButReadPermissionDenied() ) {
+            throw new SkipException(String.format("Skipping test %s because we do not have permission to read the GATK private key",
+                                    "testLoadGATKMasterPrivateKey"));
+        }
+
         PrivateKey gatkMasterPrivateKey = CryptUtils.loadGATKMasterPrivateKey();
     }
 
@@ -174,4 +190,9 @@ public class CryptUtilsUnitTest extends BaseTest {
         Assert.assertEquals(originalKey.getAlgorithm(), keyFromDisk.getAlgorithm());
         Assert.assertEquals(originalKey.getFormat(), keyFromDisk.getFormat());
     }
+
+    private boolean gatkPrivateKeyExistsButReadPermissionDenied() {
+        File gatkPrivateKey = new File(CryptUtils.GATK_MASTER_PRIVATE_KEY_FILE);
+        return gatkPrivateKey.exists() && ! gatkPrivateKey.canRead();
+    }
 }
diff --git a/public/java/test/org/broadinstitute/sting/utils/crypt/GATKKeyUnitTest.java b/public/java/test/org/broadinstitute/sting/utils/crypt/GATKKeyUnitTest.java
index 5e7b07a1e..660f95796 100644
--- a/public/java/test/org/broadinstitute/sting/utils/crypt/GATKKeyUnitTest.java
+++ b/public/java/test/org/broadinstitute/sting/utils/crypt/GATKKeyUnitTest.java
@@ -27,6 +27,7 @@ package org.broadinstitute.sting.utils.crypt;
 import org.broadinstitute.sting.BaseTest;
 import org.broadinstitute.sting.utils.exceptions.ReviewedStingException;
 import org.broadinstitute.sting.utils.exceptions.UserException;
+import org.testng.SkipException;
 import org.testng.annotations.Test;
 import org.testng.Assert;
 
@@ -39,6 +40,11 @@ public class GATKKeyUnitTest extends BaseTest {
 
     @Test
     public void testCreateGATKKeyUsingMasterKeyPair() {
+        if ( gatkPrivateKeyExistsButReadPermissionDenied() ) {
+            throw new SkipException(String.format("Skipping test %s because we do not have permission to read the GATK private key",
+                                    "testCreateGATKKeyUsingMasterKeyPair"));
+        }
+
         PrivateKey masterPrivateKey = CryptUtils.loadGATKMasterPrivateKey();
         PublicKey masterPublicKey = CryptUtils.loadGATKMasterPublicKey();
 
@@ -49,6 +55,11 @@ public class GATKKeyUnitTest extends BaseTest {
 
     @Test
     public void testCreateGATKKeyUsingMasterPrivateKeyAndDistributedPublicKey() {
+        if ( gatkPrivateKeyExistsButReadPermissionDenied() ) {
+            throw new SkipException(String.format("Skipping test %s because we do not have permission to read the GATK private key",
+                                    "testCreateGATKKeyUsingMasterPrivateKeyAndDistributedPublicKey"));
+        }
+
         PrivateKey masterPrivateKey = CryptUtils.loadGATKMasterPrivateKey();
         PublicKey distributedPublicKey = CryptUtils.loadGATKDistributedPublicKey();
 
@@ -82,8 +93,7 @@ public class GATKKeyUnitTest extends BaseTest {
         KeyPair keyPair = CryptUtils.generateKeyPair();
 
         // Email addresses cannot contain the NUL byte, since it's used as a sectional delimiter in the key file:
-        GATKKey key = new GATKKey(CryptUtils.loadGATKMasterPrivateKey(), CryptUtils.loadGATKDistributedPublicKey(),
-                                  emailAddressWithNulByte);
+        GATKKey key = new GATKKey(keyPair.getPrivate(), keyPair.getPublic(), emailAddressWithNulByte);
     }
 
     @Test
@@ -110,4 +120,9 @@ public class GATKKeyUnitTest extends BaseTest {
 
         GATKKey key = new GATKKey(CryptUtils.loadGATKDistributedPublicKey(), nonExistentFile);
     }
+
+    private boolean gatkPrivateKeyExistsButReadPermissionDenied() {
+        File gatkPrivateKey = new File(CryptUtils.GATK_MASTER_PRIVATE_KEY_FILE);
+        return gatkPrivateKey.exists() && ! gatkPrivateKey.canRead();
+    }
 }