A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Server-Assisted Key Exchange (SAKE): A new mode for MIKEY-TICKET
Author(s) : Alexis Olivereau
Aymen Boudguiga
Nouha Oualha
Filename : draft-olivereau-sake-mikey-ticket-00.txt
Pages : 11
Date : 2013-10-21
Abstract:
A key establishment protocol intended to run between constrained
devices has to be both lightweight and secure. Among the existing
key establishment families (key agreement, key transport, server-
assisted key transport or key distribution), the latter is the best
candidate for constrained devices, since it can keep cryptographic
operations simple at nodes sides. Nevertheless, most key
distribution protocols exhibit an asymmetric design, since they are
supposed to run between devices playing well-defined client and
server roles, implying different security assumptions between the
devices involved in the exchange.
MIKEY-Ticket is a key distribution protocol that specifies new modes
for the Multimedia Internet KEYing (MIKEY) protocol. It answers
situations where the network contains a trusted third party (one or
multiple trusted key management servers). The general MIKEY-Ticket
mode is a key distribution scheme relying on six messages exchanged
between the node initiating the protocol (Initiator), the Key
Management Server (KMS) and the responding node (Responder). This
general mode assumes that the two parties establishing a key with
each other play similar roles, with the only exception that one is
the Initiator and the other one the Responder.
However, this mode suffers from a risk of a Denial of Service (DoS)
inherited from the protocol design. In addition, the protocol syntax
involves very large messages that would have to be fragmented, and
would therefore not be convenient to communications between
constrained nodes. In this document, we propose a new MIKEY-Ticket
mode that solves the risk of DoS during the key establishment between
the Initiator and the Responder, relies on a 5-message exchange
instead of a 6-message one and bases on a simplified syntax, leading
to lighter messages.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-olivereau-sake-mikey-ticket
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-olivereau-sake-mikey-ticket-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
