Group key management
This report describes an architecture and implementation for doing group key management over a data communications network. The architecture describes a protocol for establishing a shared encryption key among an authenticated and authorized collection of network entities. Group access requires one or more authorization certificates. The implementation includes a simple public key and certificate infrastructure. Multicast is used for some of the key management messages. An application programming interface multiplexes key management and user application messages. An implementation using the new IP security protocols is postulated. The architecture is compared with other group key management proposals, and the performance and the limitations of the implementation are described.
- Research Organization: Oak Ridge National Lab., Mathematical Sciences Section, TN (United States)
- Sponsoring Organization: USDOE Office of Energy Research, Washington, DC (United States)
- DOE Contract Number: AC05-96OR22464
- OSTI ID: 631269
- Report Number(s): ORNL/TM--13470; ON: DE98005998
- Country of Publication: United States
- Language: English
Similar Records
Provably authenticated group Diffie-Hellman key exchange - The dynamic case (Extended abstract)
Public/private key certification authority and key distribution. Draft