RFC 2094 (rfc2094) - Page 1 of 22
Group Key Management Protocol (GKMP) Architecture
Alternative Format: Original Text Document
Network Working Group H. Harney
Request for Comments: 2094 C. Muckenhirn
Category: Experimental SPARTA, Inc.
July 1997
Group Key Management Protocol (GKMP) Architecture
Status of this Memo
This memo defines an Experimental Protocol for the Internet
community. This memo does not specify an Internet standard of any
kind. Discussion and suggestions for improvement are requested.
Distribution of this memo is unlimited.
Table of Contents
1. Introduction................................................. 1
2. Multicast Key Management Architectures....................... 3
3. GKMP Protocol Overview....................................... 9
4. Issues....................................................... 19
5. Security Considerations...................................... 22
6. Authors' Address............................................. 22
Abstract
This specification proposes a protocol to create grouped symmetric
keys and distribute them amongst communicating peers. This protocol
has the following advantages: 1) virtually invisible to operator, 2)
no central key distribution site is needed, 3) only group members
have the key, 4) sender or receiver oriented operation, 5) can make
use of multicast communications protocols.
1 Introduction
This document describes an architecture for the management of
cryptographic keys for multicast communications. We identify the
roles and responsibilities of communications system elements in
accomplishing multicast key management, define security and
functional requirements of each, and provide a detailed introduction
to the Group Key Management Protocol (GKMP) which provides the
ability to create and distribute keys within arbitrary-sized groups
without the intervention of a global/centralized key manager. The
GKMP combines techniques developed for creation of pairwise keys with
techniques used to distribute keys from a KDC (i.e., symmetric
encryption of keys) to distribute symmetric key to a group of hosts.
Harney & Muckenhirn Experimental