RFC 2093 (rfc2093) - Page 2 of 23


Group Key Management Protocol (GKMP) Specification



Alternative Format: Original Text Document



RFC 2093                   GKMP Specification                  July 1997


   This document describes a protocol for establishing and rekeying
   groups of cryptographic keys (more than two) on the internet.  We
   refer to the approach as the Group Key Management Protocol (GKMP).

1.1 Protocol Overview

   The GKMP creates key for cryptographic groups, distributes key to the
   group members, ensures (via peer to peer reviews) rule based access
   control of keys, denies access to known compromised hosts, and allow
   hierarchical control of group actions.

   The key generation concept used by the GKMP is cooperative generation
   between two protocol entities.  There are several key generation
   algorithms viable for use in the GKMP (i.e., RSA, Diffe-Hellman,
   elliptic curves).  All these algorithms use asymmetric key technology
   to pass information between two entities to create a single
   cryptographic key.

   The GKMP then distributes the group keys to qualified GKMP entities.
   This distribution process is a mutually suspicious process (all
   actions and identities must be verified).

   The GKMP provides a peer to peer review process.  Protocol entities
   pass permission certificates (PC) as part of the group key
   distribution process.  The PCs contain access control information
   about a particular site.  This access control information is assigned
   by a higher authority which then signs the PC. Therefor each entity
   can verify the permissions of any other GKMP entity but can modify
   none.  Each protocol entity checks the permissions and compares them
   the level of service requested.  If the permissions do not exceed or
   equal the request, the service is denied.

   The GKMP supports compromise recovery.  A list of compromised GKMP
   entities is distributed to group members during key management
   actions.  In essence, a Compromise Recovery List (CRL) allows group
   members to drop connections with compromised entities.  The GKMP
   delegates control of groups to specific group controllers so it will
   be somewhat easier to distribute the CRL to the most important GKMP
   entities.  During each key management action the CRL version number
   is passed, when a CRL update is detected it is downloaded and
   verified (it is signed by a higher authority).

   The GKMP allows control of group actions.  In certain networks it is
   desirable for a higher authority to strictly control the generation
   of groups.  These networks usually have a central network operations
   authority.  The GKMP allows these authorities to remotely order group
   actions.  These orders are signed by that authority and verified by
   all entities involved with the group.



Harney & Muckenhirn           Experimental