标准摘要
[中文适用范围]: 本文件规定了实体组之间建立共享对称密钥的机制。它定义了: - 具有密钥分发中心(KDC)的多个实体之间的基于对称密钥的密钥建立机制; - 通用树状逻辑密钥结构,支持单独重新加密和批量重新加密的基于对称密钥的建立机制。 本文件还定义了用于传输加密材料或在建立加密条件下的消息的必要内容。本文件不规范与密钥建立机制无关的信息,也不规范其他消息(例如错误消息)。本文件未明确涉及信息报文的具体格式。本文件不规定用于在每个实体和KDC之间共享初始秘密密钥的方法,也不规范密钥生命周期管理。本文件还未明确解决域间密钥管理的问题。 [外文原描述]: This document specifies mechanisms to establish shared symmetric keys between groups of entities. It defines: — symmetric key-based key establishment mechanisms for multiple entities with a key distribution centre (KDC); and — symmetric key establishment mechanisms based on a general tree-based logical key structure with both individual rekeying and batch rekeying. It also defines key establishment mechanisms based on a key chain with group forward secrecy, group backward secrecy or both group forward and backward secrecy. This document also describes the required content of messages which carry keying material or are necessary to set up the conditions under which the keying material can be established. This document does not specify information that has no relation with key establishment mechanisms, nor does it specify other messages such as error messages. The explicit format of messages is not within the scope of this document. This document does not specify the means to be used to establish the initial secret keys required to be shared between each entity and the KDC, nor key lifecycle management. This document also does not explicitly address the issue of interdomain key management.
英文名称Information security - Key management - Part 5: Group key management