[saag] Confidential Group Communications
"Shaun Cooley (shcooley)" <shcooley@cisco.com> Thu, 05 November 2015 07:46 UTC
Return-Path: <shcooley@cisco.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B1681B2BEA for <saag@ietfa.amsl.com>; Wed, 4 Nov 2015 23:46:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gV70sI7P1jL5 for <saag@ietfa.amsl.com>; Wed, 4 Nov 2015 23:46:28 -0800 (PST)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65BBA1B3B85 for <saag@ietf.org>; Wed, 4 Nov 2015 23:46:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2492; q=dns/txt; s=iport; t=1446709588; x=1447919188; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=LEFpscg85PjJf1Hken48p/2APyON5/5uALgzRxFDw0E=; b=cOiGU+lINwmpTzIIDt6uoEsfGD4K8yBBhNBtkYrtG8S28PkDAj7u5WJ6 RKpCmNT9pOUmQU+qRw9u+Cubv/ua/umkcaaiiib2Xinho6QMoHaqA7njj njnq8bNpe3yg3sSefzUF6xkyP+2bIHHH5DWGAVhZd/z4h4m0LwjSCnj4w w=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0D7AQBSCDtW/5pdJa1egztTdb1qAQ2BXiOHJTgUAQEBAQEBAX8LhDyBCwGBACYBBBuIJg2hBaBiAQEBBwEBAQEBGgSGVIkoEQGEfAWNVIh0AYUch3+BYYQ/licBHwEBQoQEhFA6gQcBAQE
X-IronPort-AV: E=Sophos;i="5.20,246,1444694400"; d="scan'208";a="205448364"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 05 Nov 2015 07:46:27 +0000
Received: from XCH-RCD-011.cisco.com (xch-rcd-011.cisco.com [173.37.102.21]) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id tA57kRwB023466 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL) for <saag@ietf.org>; Thu, 5 Nov 2015 07:46:27 GMT
Received: from xch-aln-012.cisco.com (173.36.7.22) by XCH-RCD-011.cisco.com (173.37.102.21) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Thu, 5 Nov 2015 01:46:27 -0600
Received: from xch-aln-012.cisco.com ([173.36.7.22]) by XCH-ALN-012.cisco.com ([173.36.7.22]) with mapi id 15.00.1104.000; Thu, 5 Nov 2015 01:46:27 -0600
From: "Shaun Cooley (shcooley)" <shcooley@cisco.com>
To: "saag@ietf.org" <saag@ietf.org>
Thread-Topic: Confidential Group Communications
Thread-Index: AdEXngHUQiB7QU92STqEhf7EvlDiZA==
Date: Thu, 05 Nov 2015 07:46:27 +0000
Message-ID: <dd385cf1d099439da1a6b050e3db30fb@XCH-ALN-012.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.16.77]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/HYqBfiaAH2eO9UEy-SHWN_ydLJg>
Subject: [saag] Confidential Group Communications
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Nov 2015 07:46:30 -0000
This is a follow up to my 60 second speed pitch from today's open session... Questions: - How can we represent and manage group membership in a way that is verifiable, tamper-proof, and practical in both centralized and decentralized topologies? - How do we share encryption keys for resources shared within the group? - How do we federate group membership and keys between a single group that spans multiple central authorities? - How do we have groups that consist of a mix of both centralized and decentralized users? Our first draft, draft-abiggs-saag-primitives-for-conf-group-comms-01, defines two primitives that can be used to answer the above questions. Specifically, a Group Membership Block Chain (GMBC) and a Group Key (GK). Additionally, the draft defines both a centralized and decentralized model, introduces the concept of a "curator" for the centralized model, and provides nominal sequences for each model. A Group Membership Block Chain (GMBC) is. - a ledger of group membership updates over time - a publicly verifiable record of membership and policy - tamper-proof based on public key authentication - supports zero-conflict centralized topologies - supports conflict-resolution in decentralized topologies A Group Key (GK) is. - a standard JOSE JSON representation that wraps a content key with the public keys of each other GMBC group members. - an object that can be shared openly without compromising confidentiality Our second draft, draft-abiggs-saag-key-management-service-03, provides details of a centralized confidential group communication model that is derived from the primitives listed above and lists communication sequences for HTTP file sharing and XMPP. We will publish a third draft in the near future to further detail the use of the primitives in a decentralized model. If anyone else is working in this area, we'd like to chat and hopefully collaborate! Please reach out to me via email or find me in Yokohama tonight or tomorrow. I'll be at the Intercontinental lobby bar after Bits-n-Bites tonight. The drafts: - https://tools.ietf.org/html/draft-abiggs-saag-primitives-for-conf-group-comms-01 - https://tools.ietf.org/html/draft-abiggs-saag-key-management-service-03 I also mentioned a related draft by Martin Thomson and Adam Roach, which can be found at: - https://tools.ietf.org/html/draft-thomson-xmpp-secure-00 -Shaun
- [saag] Confidential Group Communications Shaun Cooley (shcooley)