Engelbrecht, W. (2018):
Group Key Management with Strongswan
In recent years the Internet of Things (IoT) has shown a rapid growth which leads to many devices with limited resources being added to the internet. Many of those require communication on a group level to effectively manage their limited resources and provide maximum use of their presented information. The amount of keys that need to be managed by each device rises exponentially when using secured communication. A group key management in combination with a multicast architecture could solve this problem. The client need only to store the keys needed for the communication to the server and the groups they are subscribed to. The group key manager takes care of the authentication and authorization of the group members wanting to join and distributes the keys accordingly. It also manages the lifetime and policies that are in action in its managed groups. G-IKEv2 is a proposal for a standard to ensure such a thing based on the IPsec protocol IKEv2. This thesis implements the base of a group manager in the already established IPsec suite Strongswan.