Group Key Management Protocol (GKMP) Specification
RFC 2093 GKMP Specification July 1997
This document describes a protocol for establishing and rekeying
groups of cryptographic keys (more than two) on the internet. We
refer to the approach as the Group Key Management Protocol (GKMP).
1.1 Protocol Overview
The GKMP creates key for cryptographic groups, distributes key to the
group members, ensures (via peer to peer reviews) rule based access
control of keys, denies access to known compromised hosts, and allows
hierarchical control of group actions.
The key generation concept used by the GKMP is cooperative generation
between two protocol entities. There are several key generation
algorithms viable for use in the GKMP (e.g., RSA, Diffie-Hellman,
elliptic curves). All these algorithms use asymmetric key technology
to pass information between two entities to create a single
cryptographic key.
The GKMP then distributes the group keys to qualified GKMP entities.
This distribution process is a mutually suspicious process (all
actions and identities must be verified).
The GKMP provides a peer to peer review process. Protocol entities
pass permission certificates (PC) as part of the group key
distribution process. The PCs contain access control information
about a particular site. This access control information is assigned
by a higher authority which then signs the PC. Therefore each entity
can verify the permissions of any other GKMP entity but can modify
none. Each protocol entity checks the permissions and compares them
to the level of service requested. If the permissions do not exceed
or equal the request, the service is denied.
The GKMP supports compromise recovery. A list of compromised GKMP
entities is distributed to group members during key management
actions. In essence, a Compromise Recovery List (CRL) allows group
members to drop connections with compromised entities. The GKMP
delegates control of groups to specific group controllers so it will
be somewhat easier to distribute the CRL to the most important GKMP
entities. During each key management action the CRL version number
is passed; when a CRL update is detected, it is downloaded and
verified (it is signed by a higher authority).
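The permission check and CRL update described in the two preceding paragraphs, as an added Python example (not part of RFC 2093). The PC and CRL field names, the integer permission levels, and the toy textbook RSA standing in for the higher authority's signature scheme are assumptions for illustration.

```python
import hashlib
import json

# Toy textbook RSA from two Mersenne primes. Assumption: it stands in for the
# authority's signature scheme, which this overview does not name. Demo only.
P, Q, E = (1 << 127) - 1, (1 << 89) - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # held only by the higher authority

def digest(obj):
    data = json.dumps(obj, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def authority_sign(obj):
    return pow(digest(obj), D, N)

def verify(obj, sig):
    # Any entity can check with (N, E); none can re-sign a modified object.
    return pow(sig, E, N) == digest(obj)

def update_crl(local_crl, offered_crl, offered_sig):
    """Adopt an offered CRL only if it is newer and its signature verifies."""
    if offered_crl["version"] > local_crl["version"] and verify(offered_crl, offered_sig):
        return offered_crl
    return local_crl

def evaluate_request(pc, pc_sig, requested_level, crl):
    """Return (granted, reason) for a peer's service request."""
    if not verify(pc, pc_sig):
        return False, "PC signature invalid"
    if pc["entity"] in crl["compromised"]:
        return False, "entity is on the CRL"
    if pc["level"] < requested_level:
        return False, "permissions below requested service"
    return True, "ok"

# Constructed sample data (field names and integer levels are assumptions).
PC = {"entity": "site-b", "level": 3}
PC_SIG = authority_sign(PC)
CRL_V1 = {"version": 1, "compromised": []}
CRL_V2 = {"version": 2, "compromised": ["site-b"]}
CRL_V2_SIG = authority_sign(CRL_V2)

if __name__ == "__main__":
    print(evaluate_request(PC, PC_SIG, 2, CRL_V1))                  # granted
    print(evaluate_request({**PC, "level": 5}, PC_SIG, 4, CRL_V1))  # tampered PC
    print(evaluate_request(PC, PC_SIG, 2, update_crl(CRL_V1, CRL_V2, CRL_V2_SIG)))
```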
The GKMP allows control of group actions. In certain networks it is
desirable for a higher authority to strictly control the generation
of groups. These networks usually have a central network operations
authority. The GKMP allows these authorities to remotely order group
actions. These orders are signed by that authority and verified by
all entities involved with the group.
Harney & Muckenhirn Experimental