Group Key Management Protocol (GKMP) Specification
RFC 2093
Document | Type |
RFC - Experimental
(July 1997; No errata)
Was draft-harney-gkmp-spec (individual)
|
|
---|---|---|---|
Authors | Carl Muckenhirn , Hugh Harney | ||
Last updated | 2013-03-02 | ||
Stream | Legacy stream | ||
Formats | plain text html pdf htmlized (tools) htmlized bibtex | ||
Stream | Legacy state | (None) | |
Consensus Boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | RFC 2093 (Experimental) | |
Telechat date | |||
Responsible AD | (None) | ||
Send notices to | (None) |
Network Working Group H. Harney Request for Comments: 2093 C. Muckenhirn Category: Experimental SPARTA, Inc. July 1997 Group Key Management Protocol (GKMP) Specification Status of this Memo This memo defines an Experimental Protocol for the Internet community. This memo does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is unlimited. Table of Contents 1. Background..................................................... 1 2. Overview: GKMP Roles.......................................... 3 3. Data Item primitives........................................... 4 4. Message definitions............................................ 6 5. State definitions.............................................. 9 6. Functional Definitions--Group Key Management Protocol.......... 13 7. Security Considerations........................................ 23 8. Author's Address............................................... 23 Abstract This specification proposes a protocol to create grouped symmetric keys and distribute them amongst communicating peers. This protocol has the following advantages: 1) virtually invisible to operator, 2) no central key distribution site is needed, 3) only group members have the key, 4) sender or receiver oriented operation, 5) can make use of multicast communications protocols. 1 Background Traditional key management distribution has mimicked the military paper based key accounting system. Key was distributed, ordered, and accounted physically leading to large lead times and expensive operations. Cooperative key management algorithms exist that allow pairwise keys to be generated between two equipment's. This gives the a quicker more reliable key management structure capable of supporting large numbers of secure communications. Unfortunately, only pairwise keys are supported using these methods today. Harney & Muckenhirn Experimental [Page 1] RFC 2093 GKMP Specification July 1997 This document describes a protocol for establishing and rekeying groups of cryptographic keys (more than two) on the internet. We refer to the approach as the Group Key Management Protocol (GKMP). 1.1 Protocol Overview The GKMP creates key for cryptographic groups, distributes key to the group members, ensures (via peer to peer reviews) rule based access control of keys, denies access to known compromised hosts, and allow hierarchical control of group actions. The key generation concept used by the GKMP is cooperative generation between two protocol entities. There are several key generation algorithms viable for use in the GKMP (i.e., RSA, Diffe-Hellman, elliptic curves). All these algorithms use asymmetric key technology to pass information between two entities to create a single cryptographic key. The GKMP then distributes the group keys to qualified GKMP entities. This distribution process is a mutually suspicious process (all actions and identities must be verified). The GKMP provides a peer to peer review process. Protocol entities pass permission certificates (PC) as part of the group key distribution process. The PCs contain access control information about a particular site. This access control information is assigned by a higher authority which then signs the PC. Therefor each entity can verify the permissions of any other GKMP entity but can modify none. Each protocol entity checks the permissions and compares them the level of service requested. If the permissions do not exceed or equal the request, the service is denied. The GKMP supports compromise recovery. A list of compromised GKMP entities is distributed to group members during key management actions. In essence, a Compromise Recovery List (CRL) allows group members to drop connections with compromised entities. The GKMP delegates control of groups to specific group controllers so it will be somewhat easier to distribute the CRL to the most important GKMP entities. During each key management action the CRL version number is passed, when a CRL update is detected it is downloaded and verified (it is signed by a higher authority). The GKMP allows control of group actions. In certain networks it is desirable for a higher authority to strictly control the generation of groups. These networks usually have a central network operations authority. The GKMP allows these authorities to remotely order group actions. These orders are signed by that authority and verified by all entities involved with the group.Show full document text