Using Messaging Layer Security (MLS) to Provide Keys for SFrame
draft-barnes-sframe-mls-00

Document Type Active Internet-Draft (individual)
Authors Richard Barnes, Raphael Robert
Last updated 2020-11-15
Network Working Group                                          R. Barnes
Internet-Draft                                                     Cisco
Intended status: Informational                                 R. Robert
Expires: 20 May 2021                                                Wire
                                                        16 November 2020

    Using Messaging Layer Security (MLS) to Provide Keys for SFrame
                       draft-barnes-sframe-mls-00

Abstract

   Secure Frames (SFrame) defines a compact scheme for encrypting real-
   time media.  In order for SFrame to address cases where media are
   exchanged among many participants (e.g., real-time conferencing), it
   needs to be augmented with a group key management protocol.  The
   Messaging Layer Security (MLS) protocol provides continuous group
   authenticated key exchange, allowing a group of participants in a
   media session to authenticate each other and agree on a group key.
   This document defines how the group keys produced by MLS can be used
   with SFrame to secure real-time sessions for groups.

Discussion Venues

   This note is to be removed before publishing as an RFC.

   Source for this draft and an issue tracker can be found at
   https://github.com/bifurcation/sframe-mls.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 20 May 2021.

Barnes & Robert            Expires 20 May 2021                  [Page 1]
Internet-Draft                 MLS-SFrame                  November 2020

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Simplified BSD License text
   as described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  SFrame Key Management . . . . . . . . . . . . . . . . . . . .   3
   3.  Security Considerations . . . . . . . . . . . . . . . . . . .   5
   4.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   5
   Appendix A.  Acknowledgements . . . . . . . . . . . . . . . . . .   5
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   5

1.  Introduction

   Secure Frames (SFrame) defines a compact scheme for encrypting real-
   time media.  In order for SFrame to address cases where media are
   exchanged among many participants (e.g., real-time conferencing), it
   needs to be augmented with a group key management protocol.  The
   Messaging Layer Security (MLS) protocol [I-D.ietf-mls-protocol]
   provides continuous group authenticated key exchange.  MLS provides
   several important security properties [I-D.ietf-mls-arch]:

   *  Group Key Exchange: All members of the group at a given time know
      a secret key that is inaccessible to parties outside the group.

   *  Authentication of group members: Each member of the group can
      authenticate the other members of the group.

   *  Group Agreement: The members of the group all agree on the
      identities of the participants in the group.

   *  Forward Secrecy: There are protocol events such that if a member's
      state is compromised after the event, group secrets created before
      the event are safe.


   *  Post-compromise Security: There are protocol events such that if a
      member's state is compromised before the event, the group secrets
      created after the event are safe.

   When a real-time session uses MLS as the basis for SFrame keys, these
   security properties apply to real-time media as well.  In the
   remainder of this document, we define how to use the secrets produced
   by MLS to generate the keys required by SFrame.
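   The Forward Secrecy and Post-Compromise Security bullets above are
   stated in terms of "protocol events".  The following is an added
   example, not code from this draft or from any MLS implementation: a
   deliberately simplified hash-chain model of per-epoch secrets (not
   the MLS key schedule) in which an attacker copies one member's state
   at epoch 1, can still read the Commit that creates epoch 2, and is cut
   off once the compromised member contributes fresh entropy the attacker
   cannot decrypt.  The "toy sframe key" label and the Epoch class are
   assumptions made for illustration; the draft's real derivation is in
   its Section 2, which is not reproduced on this page.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


def kdf(secret: bytes, label: bytes, context: bytes = b"") -> bytes:
    """One-way derivation (HMAC-SHA256); outputs reveal nothing about `secret`."""
    return hmac.new(secret, label + b"\x00" + context, hashlib.sha256).digest()


@dataclass(frozen=True)
class Epoch:
    """Per-epoch state each member holds in this toy model (an assumption,
    not the MLS key schedule)."""
    number: int
    init_secret: bytes    # the only value carried into the next epoch
    epoch_secret: bytes   # root of this epoch's derived keys

    @classmethod
    def first(cls) -> "Epoch":
        es = os.urandom(32)
        return cls(0, kdf(es, b"init"), es)

    def advance(self, commit_secret: bytes) -> "Epoch":
        """Next epoch; commit_secret is the fresh entropy a Commit contributes."""
        es = kdf(self.init_secret, b"epoch", commit_secret)
        return Epoch(self.number + 1, kdf(es, b"init"), es)

    def media_key(self) -> bytes:
        # Illustrative SFrame-style key.  The label is an assumption for this
        # example, not the derivation the draft defines.
        return kdf(self.epoch_secret, b"toy sframe key",
                   self.number.to_bytes(4, "big"))


def run_scenario(commits: list) -> dict:
    """Honest group walks epochs 0..len(commits).  An attacker copies one
    member's state at epoch 1 and can read the Commit that creates epoch 2
    (that member's leaf key is unchanged), but not the Commit creating
    epoch 3, which the attacker can only guess (modelled as all zeros)."""
    epochs = [Epoch.first()]
    for c in commits:
        epochs.append(epochs[-1].advance(c))
    honest = {e.number: e.media_key() for e in epochs}

    stolen = epochs[1]
    seen_epoch2 = stolen.advance(commits[1])
    reachable = {
        1: stolen.media_key(),
        2: seen_epoch2.media_key(),
        3: seen_epoch2.advance(b"\x00" * 32).media_key(),
    }
    return {
        # epoch 0's key is not derivable from anything in the stolen state
        "forward_secrecy": honest[0] not in reachable.values(),
        # until fresh entropy arrives, the attacker tracks the group
        "exposure_before_update": reachable[1] == honest[1]
                                  and reachable[2] == honest[2],
        # the unseen Commit secret locks the attacker out of epoch 3
        "post_compromise_security": reachable[3] != honest[3],
    }


def fresh_entropy_demo() -> tuple:
    """PCS only holds if the Commit at epoch 3 actually carries entropy the
    attacker cannot read: random commits cut the attacker off, all-zero
    commits (no new entropy) do not."""
    fresh = run_scenario([os.urandom(32) for _ in range(3)])
    stale = run_scenario([b"\x00" * 32] * 3)
    return fresh["post_compromise_security"], stale["post_compromise_security"]


if __name__ == "__main__":
    print(run_scenario([os.urandom(32) for _ in range(3)]))
    print(fresh_entropy_demo())
```

   The second scenario is the caveat a practitioner should take from the
   bullet list: Post-Compromise Security is not a property of the key
   schedule alone but of the event (an Update or Commit carrying entropy
   the attacker cannot decrypt) that the compromised member must actually
   perform.  Until that happens, media keys derived from MLS secrets
   remain exposed.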

   [[ OPEN ISSUE: We could define an MLS extension that would provide