WASHINGTON – US diplomats are bracing for a tough road toward a final nuclear agreement with Iran and other world powers by the June 30 deadline, searching for compromise on key political matters that may decide the fate of the entire effort.The most challenging gap appears to be over Iran’s refusal to allow access – managed or otherwise – to its military sites, some of which are suspected of hosting its experimentation with nuclear weapons technology.France, Israel and several senior officials in the Obama administration see this as a fatal loophole in the emerging deal: A way for Tehran to preserve no-go zones, where it could continue its nuclear work in violation of an international agreement.“We must be able to verify the sites,” French Foreign Minister Laurent Fabius said on Thursday. “We want a deal with Iran, but... the deal must be verifiable, solid, robust, and today we don’t have guarantees on this.”“A deal that cannot be verified cannot be implemented,” Fabius said.Israel believes this is one of several loopholes, and fears the Islamic Republic’s strategy is to back-load most of the work of drafting a final document toward the June 30 deadline, increasing the likelihood that it will include such ways for Tehran to continue efforts toward building nuclear weapons.Additionally, a compromise over so-called “managed” or “controlled” access to military sites, as some Obama administration officials propose, may undermine the integrity of the effort. If Iran is given several days, or even weeks, to prepare for an inspection, it may remove or contaminate material at a given site, Western powers fear. The Obama administration continues to hold its ground on this point, and reinforced its position after meetings with Israeli officials in Washington and Jerusalem over the weekend.“In addition to safeguarding these declared nuclear sites, a potential deal must prevent Iran from using a covert site to break out,” US Treasury Secretary Jack Lew told The Jerusalem Post Annual Conference in New York on Sunday. “And that is why any deal must ensure comprehensive and robust monitoring and inspection anywhere and everywhere the IAEA [International Atomic Energy Agency] has reason to go.”Iran is rejecting that demand in public fora. Such access, Tehran says, is a violation of the country’s sovereignty and an exceptional demand of any nation.“Inspection and access to nonnuclear and military sites will not be accepted by Iran. Controlled and managed access does not mean inspection,” chief negotiator Abbas Araqchi said last week. “We are trying to set some rules for managed access to nonnuclear sites.”On Thursday, one Iranian official told the press that “an agreement by the end of June is achievable.” That official, Reza Najafi, declined to comment on the status of negotiations surrounding “managed” inspections.But he did offer comment on one aspect of the agreement that was thought to have been settled: Iran’s compliance with the IAEA’s Additional Protocol.Najafi said Iran’s participation will be settled, ultimately, in the final text, and not before.The protocol allows UN inspectors, under specific circumstances, to visit Iranian sites with as little as two hours’ notice. In a fact sheet the White House released in April announcing the Lausanne framework for a nuclear deal, the US administration was explicit in its understanding of this provision: “Iran has agreed to implement the Additional Protocol of the IAEA, providing the IAEA much greater access and information regarding Iran’s nuclear program, including both declared and undeclared facilities,” the parameters read.So, too, another condition thought to have been settled is now under scrutiny: The administration’s claim to hold in place all sanctions against Iran that are “nonnuclear.”How the Treasury Department defines “nonnuclear” is now a matter of dispute, according to a report in the Associated Press.Several sanctions bills, US officials say, were passed targeting Iran’s ballistic missile program or proxy efforts as part of a strategy aimed at stopping its nuclear work.Any US president has the ability to stop virtually all sanctions by executive order, but only Congress can lift them for good.Should an agreement be reached by June 30, Congress will have 30 days to review it in its entirety. Lawmakers may then choose to vote to approve or disapprove of their participation in the deal, although the president retains the ability to veto a vote of disapproval.Speaking on Capitol Hill on Wednesday, US President Barack Obama’s former Defense Intelligence Agency chief, Lt.-Gen. (ret.) Michael Flynn, criticized the emerging deal as fundamentally flawed.The notion that sanctions lifted by the international community could be “snapped back” in place should Iran violate the agreement, is “fiction,” he said in testimony before a House Foreign Affairs subcommittee.“It is clear that the nuclear deal is not a permanent fix but merely a placeholder,” Flynn said, calling it “wishful thinking” that Iran would hold off on expanding its program after 10 years, when certain provisions of the deal will expire.Negotiations continued in Vienna on Thursday at the political director level of the P5+1 – the US, Britain, France, Russia, China and Germany, with Iran – amid claims that sophisticated spy-ware has infiltrated their hotels.A Moscow-based cybersecurity firm, Kaspersky Lab ZAO, said it identified an expensive virus called Duqu 2.0 as having breached its software at three luxury hotels across Europe, each of which had hosted the nuclear talks in the past year.Kurt Baumgartner, principal security researcher at Kaspersky Lab, told The Jerusalem Post on Wednesday afternoon that the hack was not limited to the hotels and that “up to 100” targets were subjected to the attack.“It’s important to know that Kaspersky Lab products identified the infection within various victims,” Baumgartner said. “In addition to several unknown victims, we are quite sure that at least three of the venues where P5+1 talks about a nuclear deal with Iran were held have been attacked.”In addition to the high-level Iran negotiations, Baumgartner said they had found that the perpetrator launched a similar attack surrounding the event commemorating the 70th anniversary of the liberation of Auschwitz-Birkenau.While their findings are preliminary, the firm concludes that the targets, beyond the hotels, all shared the characteristics of having “the highest-level” security and “including geopolitical interests.” And while the firm says it is extremely difficult to trace the virus back to a host, it sees key similarities to a 2011 attack widely attributed to Israeli intelligence.Duqu 2.0 may allow its handlers to monitor activity, steal computer files and eavesdrop from the rooms in which they are operating.Responding to the Kaspersky findings, the Obama administration expressed confidence in its own security procedures.“I can say that we take steps, certainly, to ensure that confidential, that classified negotiating details stay behind closed doors in these negotiations,” said Jeff Rathke, a State Department spokesman, declining to elaborate.Reuters contributed to this report.