MIKEY-RSA-R: An Additional Mode of Key Distribution in Multimedia Internet KEYing (MIKEY)
RFC 4738
| Field | Value |
|---|---|
| Type | RFC - Proposed Standard (November 2006; No errata); Updates RFC 3830 |
| Authors | Lakshminath Dondeti, Ping Lin, Dragan Ignjatic, Francois Audet |
| Last updated | 2015-10-14 |
| Replaces | draft-ignjatic-msec-mikey-rsa-r |
| Stream | IETF |
| WG state | (None) |
| Document shepherd | No shepherd assigned |
| IESG state | RFC 4738 (Proposed Standard) |
| Consensus Boilerplate | Unknown |
| Responsible AD | Russ Housley |
| Send notices to | (None) |
Network Working Group                                        D. Ignjatic
Request for Comments: 4738                                       Polycom
Updates: 3830                                                 L. Dondeti
Category: Standards Track                                       QUALCOMM
                                                                F. Audet
                                                                  P. Lin
                                                                  Nortel
                                                           November 2006

MIKEY-RSA-R: An Additional Mode of Key Distribution in Multimedia Internet KEYing (MIKEY)

Status of This Memo

   This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The IETF Trust (2006).

Abstract

   The Multimedia Internet Keying (MIKEY) specification describes several modes of key distribution solution that address multimedia scenarios (e.g., SIP calls and Real Time Streaming Protocol (RTSP) sessions) using pre-shared keys, public keys, and optionally a Diffie-Hellman key exchange. In the public-key mode, the Initiator encrypts a random key with the Responder's public key and sends it to the Responder. In many communication scenarios, the Initiator may not know the Responder's public key, or in some cases the Responder's ID (e.g., call forwarding) in advance. We propose a new MIKEY mode that works well in such scenarios. This mode also enhances the group key management support in MIKEY; it supports member-initiated group key download (in contrast to group manager pushing the group keys to all members). This document updates RFC 3830 with the RSA-R mode.

Table of Contents

   1. Introduction
      1.1. Terminology Used in This Document
   2. Motivation
      2.1. Description of the MIKEY Modes
      2.2. Use Case Motivating the Proposed Mode
   3. A New MIKEY-RSA Mode: MIKEY-RSA-R
      3.1. Outline
      3.2. Group Communication Using the MIKEY RSA-R Mode
      3.3. Preparing RSA-R Messages
      3.4. Components of the I_MESSAGE
      3.5. Processing the I_MESSAGE
      3.6. Components of the R_MESSAGE
      3.7. Processing the R_MESSAGE
      3.8. Certificate Handling
      3.9. Additions to RFC 3830 Message Types and Other Values
         3.9.1. Modified Table 6.1a from RFC 3830
         3.9.2. Modified Table 6.12 from RFC 3830
         3.9.3. Modified Table 6.15 from RFC 3830
   4. Applicability of the RSA-R and RSA Modes
      4.1. Limitations
   5. Security Considerations
      5.1. Impact of the Responder Choosing the TGK
      5.2. Updates to Security Considerations in RFC 3830
   6. IANA Considerations
   7. Acknowledgments
   8. References
      8.1. Normative References
      8.2. Informative References

1. Introduction

   The MIKEY protocol [RFC3830] has three different methods for key transport or exchange: a pre-shared key mode (PSK), a public-key (RSA) mode, and an optional Diffie-Hellman exchange (DHE) mode. In addition, there is also an optional DH-HMAC mode [RFC4650], bringing the total number of modes to four.

   The primary motivation for the MIKEY protocol design is low-latency requirements of real-time communication, and thus all the exchanges finish in one-half to 1 roundtrip; note that this offers no room for security parameter