[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"Flat Multicast Key Exchange (FMKE)"- Internet Draft

To: ip-dvb@erg.abdn.ac.uk
Subject: "Flat Multicast Key Exchange (FMKE)"- Internet Draft
From: Laurence.Duquerroy@space.alcatel.fr
Date: Fri, 16 May 2003 14:02:58 +0200
Cc: Sebastien.Josset@space.alcatel.fr, Isabelle.Buret@space.alcatel.fr, satip6@tilab.com
Reply-to: ip-dvb@erg.abdn.ac.uk
Sender: owner-ip-dvb@erg.abdn.ac.uk

Hello,

In  the context of the SatIP6 IST project, Alcatel Space studies a multicast
security scheme optimised to protect large multicast groups. Such a scheme is
designed for IP over Satellite, Wifi or DVB systems; it is a security solution
for the satellite segment. An implementation over DVB-S/RCS is planned in the
SatIP6 demonstrator.
We have presented this security solution (called SatIPSec) during the ESA
workshop at ESTEC, 13-14 May on "IP networking over satellite".

We have started to write an Internet Draft detailing our key exchange protocol
(called "Flat Multicast Key Exchange (FMKE)"), and we think that it could be
submitted to the "IP over DVB " group, as IP over DVB systems are targeted
systems. We would be ready to present it to the next IETF meeting (in Vienna).
As it is very security-oriented, it will probably also be submitted to an IETF
security group (i.e. MSEC (Multicast Security) WG).

You will find in attachment a draft of the ID. Your comments, opinion,  and
feedback on it are welcome.
(See attached file: draft-duquer-fmke-00.doc)

This solution is very flexible. It is able to configure any security dataplane
at layer 2 or 3 ( IPv4/6 IPSec, L2 security dataplanes...).
It is based on similar principles to the ones of the protocols currently defined
in the IETF MSEC group. It uses also similar messages (based on the ISAKMP
standard protocol). However it implements additional mechanisms and features in
order to provide a security solution optimized for satellite systems:

     -  It is defined to be low ressource consuming in bandwidth
     -  It provides a reliable key distribution ( unlike the GDOI and GSAKMP
protocols)
     -  It can be used in one-to-many and many-to-many scenarios, and is
scalable in these scenarios (MIKEY cannot be used in many-to-many scenarios in
large groups)
     -  It provides a multicast re-keying (mandatory in large groups) (unlike
MIKEY)
     - etc

We hope that you will find interest in it, and thank you in advance for your
comments.

Best regards,

Laurence Duquerroy

ALCATEL SPACE
RT/ST
Research Department / Advanced Telecom Satellite Systems
Tel : 33 (0)5-34-35-63-06  /  Fax : 33 (0)5-34-35-55-60
E-Mail : laurence.duquerroy@space.alcatel.fr

Attachment: draft-duquer-fmke-00.doc
Description: Mac Word 3.0

Follow-Ups:
- Re: "Flat Multicast Key Exchange (FMKE)"- Internet Draft
  - From: Haitham Cruickshank <H.Cruickshank@eim.surrey.ac.uk>

Prev by Date: RE: question about MPE and AAL5 over satellites
Next by Date: 57th IETF Meeting - Vienna, Austria
Previous by thread: RE: question about MPE and AAL5 over satellites
Next by thread: Re: "Flat Multicast Key Exchange (FMKE)"- Internet Draft
Index(es):
- Date
- Thread