
IETF Provisioning of Symmetric Keys (keyprov) WG Update WG Chairs: Phillip Hallam-Baker Hannes Tschofenig Presentation by Mingliang Pei 05/05/2008.




Slide 1: Title slide. IETF Provisioning of Symmetric Keys (keyprov) WG Update. WG chairs: Phillip Hallam-Baker, Hannes Tschofenig. Presented by Mingliang Pei, 05/05/2008.

Slide 2: Charter
- Develop the necessary protocols and data formats required to support provisioning and management of symmetric key authentication tokens
- Use cases:
  - Use of shared symmetric key tokens
  - Other use cases for future extensibility: P1619.3 and Kerberos
- WG charter page: http://www.ietf.org/html.charters/keyprov-charter.html

Slide 3: Working Group Items
- Dynamic Symmetric Key Provisioning Protocol (DSKPP): XML-based real-time online provisioning protocol
- Key container specifications:
  - Portable Symmetric Key Container (PSKC): XML-based format; may also be used for offline bulk key import / migration
  - Symmetric Key Package Content Type (SKPC): ASN.1-based format
- Algorithm Identifiers: draft-hallambaker-algorithm-identifiers-00.txt (I-D just submitted; not yet accepted as a Working Group item)

Slide 4: Current Status: DSKPP
- 3rd draft submitted on 2/28/2008; discussed during the 71st IETF (3/11/08)
- Incorporated feedback from the mailing list and resolutions from the two full-day IETF interim meetings:
  - Document cleanup / message flow rearrangement
  - Conformance matrix
  - Removed 1-pass (2-pass and 4-pass only now)
  - HTTP binding
- Next steps:
  - A few open issues remain (small effort)
  - Revise and submit draft 04
  - Reference implementation coming

Slide 5: Current Status: PSKC
- Version -04 submitted on 4/21/2008: Portable Symmetric Key Container (PSKC), an XML-based format specification
  http://tools.ietf.org/id/draft-ietf-keyprov-portable-symmetric-key-container-04.txt
- Incorporated feedback from the mailing list and resolutions after the 71st IETF:
  - Adopted XMLEnc for key encryption
  - Added conformance matrix
  - Added IANA section with URI registration at IANA (e.g. the HOTP algorithm URI)
  - Updated PIN policy and treated it as a key type
  - Added common key property template for bulk usage
- Adopted and implemented by some vendors (early versions)
- Next step: resolve a few remaining small issues

Slide 6: Current Status: SKPC
- 2nd draft submitted on 2/25/2008: the Symmetric Key Package Content Type (SKPC) is an ASN.1-based format specification
  http://tools.ietf.org/html/draft-ietf-keyprov-symmetrickeyformat-02
- Co-authored by Sean Turner and Russ Housley
- Used to transfer one or more plaintext symmetric keys from one party to another
- A symmetric key package can be encapsulated in one or more CMS (RFC 3852) protecting content types
- Updated for alignment with PSKC; added use cases
- Next steps: reference the attribute list from PSKC

Slide 7: DSKPP Overview
- DSKPP is a client-server protocol for initialization (and configuration) of symmetric keys in cryptographic modules
- Intended for use within computer and communications systems employing symmetric cryptographic modules that are locally (over-the-wire) or remotely (over-the-air) accessible
- Can be run with or without private-key capabilities in the cryptographic modules, and with or without an established public key infrastructure
- Key encryption options for end-to-end key protection:
  - Pre-shared symmetric key (e.g., smart card manufacturer's key)
  - Password-generated symmetric key (e.g., mobile phone provisioning)
  - PKI, using the client's public key

Slide 8: DSKPP Protocol Model
Parties: the DSKPP client (on the smart device) and the DSKPP provisioning server.
Message flow:
  Trigger (optional)
  Client Hello       (2-pass and 4-pass)   client -> server
  Server Hello       (4-pass only)         server -> client
  Client Nonce       (4-pass only)         client -> server
  Server Finished    (2-pass and 4-pass)   server -> client
- 4-pass: mutually authenticated key agreement
- 2-pass: distribution of server pre-generated symmetric keys

Slide 9: 2-pass vs. 4-pass
- Use 4-pass under the following conditions:
  - Policy requires that both parties engaged in the protocol jointly contribute entropy to the key
  - The cryptographic module does not have private-key capabilities
  - The cryptographic module is hosted by a device that has neither a pre-shared authentication key nor a key pad for password input
- Use 2-pass under the following conditions:
  - Pre-existing keys must be provisioned via transport to the cryptographic module
  - The cryptographic module has private-key capabilities
  - The cryptographic module is hosted by a device that has a pre-shared authentication key (e.g. smart card or SIM card) or a key pad for password input
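The script below is an added illustration of the two DSKPP variants described on slides 7 to 9; it is not the draft's wire format, its DSKPP-PRF, or the reference implementation the slides mention. Message names (Client Hello, Server Hello, Client Nonce, Server Finished) follow the protocol-model slide, while every field, the HMAC-based key derivation, the PBKDF2 password-to-key step and the encrypt-then-MAC key wrap are assumptions of this example. It shows the property each variant is chosen for: in 4-pass both sides contribute nonces and each proves possession of the derived key, and in 2-pass the server generates the key and the client only accepts it after the integrity tag verifies.

```python
"""Simplified model of the DSKPP 4-pass and 2-pass exchanges (added example,
standard library only; KDF, field layout and key wrap are assumptions)."""
import hashlib
import hmac
import os

KEY_LEN = 32


def kdf(secret: bytes, label: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over a label and the concatenated parts; stands in for DSKPP-PRF."""
    return hmac.new(secret, label + b"".join(parts), hashlib.sha256).digest()


def kek_from_password(password: bytes, salt: bytes) -> bytes:
    """Password-generated key-encryption key (the 'mobile phone provisioning' option)."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000, KEY_LEN)


def wrap(kek: bytes, key: bytes) -> dict:
    """Encrypt-then-MAC key wrap: HMAC output used once as a keystream, plus a tag.
    Stand-in for the XMLEnc/AES wrap a real deployment would use."""
    nonce = os.urandom(16)
    keystream = kdf(kek, b"wrap", nonce)
    wrapped = bytes(a ^ b for a, b in zip(key, keystream))
    return {"nonce": nonce, "wrapped": wrapped, "tag": kdf(kek, b"wrap-mac", nonce, wrapped)}


def unwrap(kek: bytes, msg: dict) -> bytes:
    """Verify the tag before touching the ciphertext; a tampered package is rejected."""
    expected = kdf(kek, b"wrap-mac", msg["nonce"], msg["wrapped"])
    if not hmac.compare_digest(expected, msg["tag"]):
        raise ValueError("wrapped key failed integrity check")
    keystream = kdf(kek, b"wrap", msg["nonce"])
    return bytes(a ^ b for a, b in zip(msg["wrapped"], keystream))


def run_4pass(auth_key: bytes):
    """4-pass: both parties contribute entropy and each proves it holds the result.
    auth_key is a pre-shared authentication key (e.g. a card manufacturer's key).
    Returns (client_key, server_key); they must be equal."""
    client_nonce = os.urandom(16)                     # pass 1, Client Hello
    server_nonce = os.urandom(16)                     # pass 2, Server Hello
    # Pass 3, Client Nonce: client contribution R_C plus a MAC proving it holds auth_key.
    # R_C travels in the clear here only because the key also depends on auth_key.
    r_c = os.urandom(16)
    client_key = kdf(auth_key, b"token-key", client_nonce, server_nonce, r_c)
    client_mac = kdf(client_key, b"client-auth", client_nonce, server_nonce)
    # Server derives the same key and checks the client MAC before accepting the session.
    server_key = kdf(auth_key, b"token-key", client_nonce, server_nonce, r_c)
    if not hmac.compare_digest(client_mac, kdf(server_key, b"client-auth", client_nonce, server_nonce)):
        raise ValueError("client authentication failed")
    # Pass 4, Server Finished: server proves it derived the same key.
    server_mac = kdf(server_key, b"server-auth", client_nonce, server_nonce)
    if not hmac.compare_digest(server_mac, kdf(client_key, b"server-auth", client_nonce, server_nonce)):
        raise ValueError("server authentication failed")
    return client_key, server_key


def run_2pass(kek: bytes):
    """2-pass: server pre-generates the token key and ships it wrapped under kek.
    Returns (client_key, server_key); they must be equal."""
    token_key = os.urandom(KEY_LEN)               # server side, after Client Hello
    server_finished = wrap(kek, token_key)        # pass 2, Server Finished
    client_key = unwrap(kek, server_finished)     # client side
    return client_key, token_key


def tampered_2pass_is_rejected(kek: bytes) -> bool:
    """Flipping one bit of the wrapped key must fail the client's integrity check."""
    msg = wrap(kek, os.urandom(KEY_LEN))
    corrupted = dict(msg, wrapped=bytes([msg["wrapped"][0] ^ 0x01]) + msg["wrapped"][1:])
    try:
        unwrap(kek, corrupted)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("4-pass keys match:", run_4pass(b"\x01" * KEY_LEN)[0] == run_4pass(b"\x01" * KEY_LEN)[1])
    kek = kek_from_password(b"constructed-password", b"constructed-salt")
    c, s = run_2pass(kek)
    print("2-pass keys match:", c == s, "tamper rejected:", tampered_2pass_is_rejected(kek))
```

Two points carry over to real deployments regardless of the simplifications: in 4-pass, fresh nonces from both sides mean two runs with the same pre-shared key never yield the same token key, and in 2-pass the client must verify integrity of the wrapped package before it unwraps anything, since the server alone chose the key.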

Slide 10: PSKC Primer
- Online
  - Real-time key provisioning over the Internet or OTA (embedded in the DSKPP message structure): transport of keys from server to crypto module
  - User key upload: transport of keys from crypto module to server via a secure channel
  - Server-to-server provisioning: used in a bulk key provisioning protocol
- Offline
  - End-user key migration: transport of keys from crypto module to crypto module
  - Bulk import or key migration: server-to-server bulk import/export of keys
  - User key upload: transport of keys from crypto module to server

Slide 11: PSKC Data Model (diagram)
- KeyContainer is the root element and contains Device, User, Service and Key elements
- Device carries DeviceID; User carries UserID
- Key carries KeyID, Issuer, Usage, KeyAlgorithm, PINPolicy, StartDate, ExpiryDate, KeyData and FriendlyName
- The diagram marks the containment relations with the cardinalities 1, 1..*, 1 and *
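As an added example of working with the data model above (not code from the draft, and not its schema), the script below builds a small key container from the element names on the slide and runs the consistency checks a provisioning server would want before importing it: required identifiers present, KeyIDs unique, KeyData present and base64-decodable, ExpiryDate after StartDate, PINPolicy well-formed. The nesting, the attribute-versus-element choices, the PINPolicy MinLength attribute and the algorithm URI are assumptions of this example; the HOTP URI registered at IANA per slide 5 is not on the page, so a placeholder is used.

```python
"""Build and check a key container shaped like the PSKC data-model slide.
Added example; element nesting and attribute names are assumptions, not the
draft-04 schema. Standard library only."""
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Constructed sample: one device, one user, one key. Service is omitted and the
# algorithm URI is a placeholder; KeyData is base64 of a constructed 16-byte value.
SAMPLE_CONTAINER = """<KeyContainer>
  <Device><DeviceID>TOKEN-0001</DeviceID></Device>
  <User><UserID>alice</UserID></User>
  <Key KeyID="k-1" KeyAlgorithm="urn:example:placeholder:hotp">
    <Issuer>Example Issuer</Issuer>
    <Usage>OTP</Usage>
    <PINPolicy MinLength="4"/>
    <StartDate>2008-05-05T00:00:00Z</StartDate>
    <ExpiryDate>2010-05-05T00:00:00Z</ExpiryDate>
    <KeyData>MDEyMzQ1Njc4OUFCQ0RFRg==</KeyData>
    <FriendlyName>Alice's token</FriendlyName>
  </Key>
</KeyContainer>"""

REQUIRED_KEY_ATTRS = ("KeyID", "KeyAlgorithm")


def _parse_date(text: str) -> datetime:
    """Dates in the sample use a fixed UTC layout (an assumption of this example)."""
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def validate_container(xml_text: str) -> list:
    """Return a list of problems found; an empty list means the container passed."""
    problems = []
    root = ET.fromstring(xml_text)
    if root.tag != "KeyContainer":
        return [f"root element is {root.tag}, expected KeyContainer"]
    if root.find("Device/DeviceID") is None:
        problems.append("missing Device/DeviceID")
    keys = root.findall("Key")
    if not keys:
        problems.append("container holds no Key")
    seen_ids = set()
    for key in keys:
        for attr in REQUIRED_KEY_ATTRS:
            if not key.get(attr):
                problems.append(f"Key missing attribute {attr}")
        kid = key.get("KeyID")
        if kid in seen_ids:
            problems.append(f"duplicate KeyID {kid}")
        seen_ids.add(kid)
        data = key.findtext("KeyData")
        if not data:
            problems.append(f"Key {kid}: missing KeyData")
        else:
            try:
                base64.b64decode(data, validate=True)
            except ValueError:  # binascii.Error is a ValueError subclass
                problems.append(f"Key {kid}: KeyData is not valid base64")
        start, expiry = key.findtext("StartDate"), key.findtext("ExpiryDate")
        if start and expiry:
            try:
                if _parse_date(start) >= _parse_date(expiry):
                    problems.append(f"Key {kid}: ExpiryDate is not after StartDate")
            except ValueError:
                problems.append(f"Key {kid}: unparseable StartDate/ExpiryDate")
        pin = key.find("PINPolicy")
        if pin is not None and not pin.get("MinLength", "").isdigit():
            problems.append(f"Key {kid}: PINPolicy MinLength must be an integer")
    return problems


if __name__ == "__main__":
    print("sample problems:", validate_container(SAMPLE_CONTAINER))
    expired_before_start = SAMPLE_CONTAINER.replace("2010-05-05", "2007-05-05")
    print("bad dates:", validate_container(expired_before_start))
```

The sample carries KeyData in the clear purely to keep the example self-contained; slide 5 records that PSKC -04 adopted XMLEnc for key encryption, so a container exchanged between parties would protect KeyData rather than ship it as plain base64, and a receiver would still apply checks like these after decryption.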

Slide 12: Contributions welcomed
- Comments are welcomed on the mailing list and via the issue tracker
  - Mailing list: keyprov@ietf.org
  - Issue tracker: http://www.tschofenig.com:8080/keyprov/index

