A New Internet-Draft is available from the on-line Internet-Drafts directories.

Title     : Server-Assisted Key Exchange (SAKE): A new mode for MIKEY-TICKET
Author(s) : Alexis Olivereau, Aymen Boudguiga, Nouha Oualha
Filename  : draft-olivereau-sake-mikey-ticket-00.txt
Pages     : 11
Date      : 2013-10-21

Abstract:

A key establishment protocol intended to run between constrained devices has to be both lightweight and secure. Among the existing key establishment families (key agreement, key transport, server-assisted key transport or key distribution), the latter is the best candidate for constrained devices, since it can keep cryptographic operations simple at nodes sides. Nevertheless, most key distribution protocols exhibit an asymmetric design, since they are supposed to run between devices playing well-defined client and server roles, implying different security assumptions between the devices involved in the exchange.

MIKEY-Ticket is a key distribution protocol that specifies new modes for the Multimedia Internet KEYing (MIKEY) protocol. It answers situations where the network contains a trusted third party (one or multiple trusted key management servers). The general MIKEY-Ticket mode is a key distribution scheme relying on six messages exchanged between the node initiating the protocol (Initiator), the Key Management Server (KMS) and the responding node (Responder). This general mode assumes that the two parties establishing a key with each other play similar roles, with the only exception that one is the Initiator and the other one the Responder. However, this mode suffers from a risk of a Denial of Service (DoS) inherited from the protocol design. In addition, the protocol syntax involves very large messages that would have to be fragmented, and would therefore not be convenient to communications between constrained nodes.

In this document, we propose a new MIKEY-Ticket mode that solves the risk of DoS during the key establishment between the Initiator and the Responder, relies on a 5-message exchange instead of a 6-message one and bases on a simplified syntax, leading to lighter messages.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-olivereau-sake-mikey-ticket

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-olivereau-sake-mikey-ticket-00

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/