Download - Key Management Service on Ericsson Labs
![Page 1: Key Management Service on Ericsson Labs](https://reader034.vdocument.in/reader034/viewer/2022042601/5566268fd8b42a61238b4fc8/html5/thumbnails/1.jpg)
key management
service
A labs.ericsson.com APIhttps://labs.ericsson.com/apis/key-management-service/
![Page 2: Key Management Service on Ericsson Labs](https://reader034.vdocument.in/reader034/viewer/2022042601/5566268fd8b42a61238b4fc8/html5/thumbnails/2.jpg)
© Ericsson AB 2010 | Page 2
Key management service
› Secure P2P service
› This service allows two clients to establish a shared secret key via an easy-to-use API
› The key can be used to secure all types of peer-to-peer communication e.g. voice calls, conferencing, video, chat, immediate messaging, file transfer, etc.
› Since MWSB (GBA) is used for bootstrapping, nothing new needs to be managed or distributed
![Page 3: Key Management Service on Ericsson Labs](https://reader034.vdocument.in/reader034/viewer/2022042601/5566268fd8b42a61238b4fc8/html5/thumbnails/3.jpg)
© Ericsson AB 2010 | Page 3
WHY key management service?
› Existing security enablers (MWSB and Oauth2) are client-server – not peer-to-peer
› Currently key management for P2P is complicated and therefore not used
› The Secure P2P enabler gives app developers an easy-to-use API
› Extensibility – can be used to secure any type of P2P communication
› Standard – recently standardized in 3GPP and IETF
![Page 4: Key Management Service on Ericsson Labs](https://reader034.vdocument.in/reader034/viewer/2022042601/5566268fd8b42a61238b4fc8/html5/thumbnails/4.jpg)
© Ericsson AB 2010 | Page 4
Overview
![Page 5: Key Management Service on Ericsson Labs](https://reader034.vdocument.in/reader034/viewer/2022042601/5566268fd8b42a61238b4fc8/html5/thumbnails/5.jpg)
© Ericsson AB 2010 | Page 5
C API Usage
› An easy-to-use C library is available on the Ericsson Labs portal
› The library handles message creation/parsing and the communication with the KMS
› As a developer, all you need to do is:
– Setup the Initiator and Responder
– Deliver the Initiator’s initmsg (output by the library) to the Responder
– Deliver the Responder’s respmsg (also output by the library) to the Initiator
› Once the above is done, the shared key can be retrieved by calling the function getKey()
![Page 6: Key Management Service on Ericsson Labs](https://reader034.vdocument.in/reader034/viewer/2022042601/5566268fd8b42a61238b4fc8/html5/thumbnails/6.jpg)
© Ericsson AB 2010 | Page 6
C API usage – Initiator
client_t *initiator;char *initmsg, *respmsg;
unsigned char key[KEY_LEN];
// Setup the Initiator KMS client
initiator = client_init(IMPI_I, IMPU_I, KEY_I, APIKEY, HTTP-PROXY);
initmsg = create_transfer_init(initiator);
< application specific: initmsg is sent and respmsg is received >
parse_transfer_resp(initiator, respmsg);
get_key(initiator, key);
< Use key to secure Initiator-Responder communication >
Note: The Initiator IMPI, IMPU, and key are obtained via the MWSB API at Ericsson Labs
![Page 7: Key Management Service on Ericsson Labs](https://reader034.vdocument.in/reader034/viewer/2022042601/5566268fd8b42a61238b4fc8/html5/thumbnails/7.jpg)
© Ericsson AB 2010 | Page 7
C API usage – Responder
client_t *responder;char *respmsg, *initmsg;
unsigned char key[KEY_LEN];
// Setup the Responder KMS clientresponder = client_init(IMPI_R, IMPU_R, KEY_R, APIKEY, HTTP-PROXY);
< application specific: initmsg is received from Initiator >
respmsg = parse_transfer_init(responder, initmsg)
< application specific: respmsg is sent to Initiator >
get_key(responder, key);
< Use key to secure Initiator-Responder communication >
Note: The Responder IMPI, IMPU, and key are obtained via the MWSB API at Ericsson Labs
![Page 8: Key Management Service on Ericsson Labs](https://reader034.vdocument.in/reader034/viewer/2022042601/5566268fd8b42a61238b4fc8/html5/thumbnails/8.jpg)
© Ericsson AB 2010 | Page 8
Example applications
Secure chat
Secure messaging
Secure voice
Secure conferencing
Secure video
Secure file transfer
Any application requiring confidentiality, authentication, or integrity
![Page 9: Key Management Service on Ericsson Labs](https://reader034.vdocument.in/reader034/viewer/2022042601/5566268fd8b42a61238b4fc8/html5/thumbnails/9.jpg)
© Ericsson AB 2010 | Page 9