Dynamic Symmetric Key Provisioning Protocol (DSKPP)

Ming and Andrea just recently submitted the merged IETF KEYPROV protocol proposal, called DSKPP. Here is the abstract:

DSKPP is a client-server protocol for initialization (and configuration) of cryptographic tokens.  The protocol requires neither private-key capabilities in the cryptographic tokens, nor an established public-key infrastructure.  The four-pass variant of the protocol ensures that a provisioned (or generated) symmetric key will only be available to the server and the cryptographic token itself. Two-pass (i.e., one round-trip) and one-pass (i.e., one message) variants enable secure and efficient download and installation of a symmetric key to a cryptographic token.
