Multimedia Internet KEYing (MIKEY) is a key management protocol that is intended for use with real-time applications. It can specifically be used to set up encryption keys for multimedia sessions that are secured using SRTP.
MIKEY is defined in RFC 3830.
Basic Key Transport and Exchange Methods
MIKEY supports three different methods to set up a key:
- pre-shared key (PSK): This is the most efficient way to handle the key transport, since only symmetric encryption is used and only a small amount of data has to be exchanged. However, an individual key has to be shared with every single peer, which leads to scalability problems for larger user groups.
- public-key: The initial key is exchanged with the help of public-key encryption. In larger systems, this requires a PKI to handle the secure distribution of public keys.
- Diffie-Hellman: A Diffie-Hellman key exchange is used to set up the initial key. This method consumes more resources (both computation time and bandwidth) than the previous ones and, as in the public-key case, needs a PKI. However, it has the advantage of providing perfect forward secrecy.