An additional mode of key distribution in mikey
Download
1 / 9

An additional mode of key distribution in MIKEY - PowerPoint PPT Presentation


  • 116 Views
  • Uploaded on

An additional mode of key distribution in MIKEY. draft-ignjatic-msec-mikey-rsa-r-00 D. Ignjatic, L. Dondeti, F. Audet. Public key in MIKEY (RFC 3830). MIKEY Public key mode requires initiator to have responder’s Public key (PKr) before sending the I_MESSAGE.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' An additional mode of key distribution in MIKEY' - kynan


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
An additional mode of key distribution in mikey

An additional mode of key distribution in MIKEY

draft-ignjatic-msec-mikey-rsa-r-00

D. Ignjatic, L. Dondeti, F. Audet


Public key in mikey rfc 3830
Public key in MIKEY (RFC 3830)

  • MIKEY Public key mode requires initiator to have responder’s Public key (PKr) before sending the I_MESSAGE

Initiator Responder

I_MESSAGE =

HDR, T, RAND, [IDi|CERTi], [IDr], {SP},

KEMAC, [CHASH], PKE, SIGNi --->

R_MESSAGE =

[<---] HDR, T, [IDr], V

PKE = E(PKr, env_key) KEMAC = E(encr_key, IDi || {TGK}) || MAC


Problem description
Problem description

  • Very often, one does not have the PKr in advance, especially for peer-to-peer communication such as SIP

    • Certificate of responder may not be known in advance

    • Can not use MIKEY Public Key mode

  • Responder may have different identity than one originally called

    • Calls may be made to “group aliases”, phone numbers for hunt groups, etc.

    • “Forking” or “retargeting” (SIP for “forwarding”)

    • Can not predict who will answer

    • Will result in multiple round-trips

  • You may still want to do media encryption (sRTP) in those cases


Proposed solution
Proposed solution

  • New MIKEY Mode

  • Responder generates TGKs and PKE

Initiator Responder

I_MESSAGE = HDR, T, CERTi, [IDr], [SP], SIGNi -->

R_MESSAGE = HDR, T, RAND, IDr|CERTr, {SP}, KEMAC, PKE, SIGNr

PKE = E(PKi, env_key) KEMAC = E(encr_key, IDr || {TGK}) || MAC


I message
I_MESSAGE

  • Presents public key/cert of initiator to responder

  • Includes Timestamp (T) for replay protection

  • Responder’s Identity (IDr) optional

    • Indicating who initiator is interested in talking to

  • I_MESSAGE signed (SIGNi) to protect against DOS

    • Entire MIKEY message


R message
R_MESSAGE

  • Full roundtrip to download TGKs

  • PKE encrypted with Initiator public KEY (PKi)

  • KEMAC includes encrypted Identity of responder (IDr) & TGKs, plus a Message Authentication Code (MAC)

  • Also includes responder CERTr or IDr if there is reason to believe that CERTr is already provided using other means


Other
Other

  • Initiator may decide to proceed or not by based on identity/certificate of responder

  • New mode especially useful when expecting retargeting, forking, etc.

    • When you still want media encryption (sRTP)

  • Traditional mode useful when NOT willing to accept retargeting (i.e., when only wishing to reach a specific known user)


Use of mikey r with multicast
Use of MIKEY-R with multicast

MCServer

Client

Announce session (T,CSB ID) sent as multicast or out of band

RSA_R I_MSG unicast

RSA_R R_MSG unicast

KMGT Done

Multicast session (group TEK)


Conclusion
Conclusion

  • Open issues

    • Describe multicast conferencing

    • Describe 3-way calling with identical media steams

  • Proposal:

    • Accept new MIKEY mode as working group document


ad