DSKPP and PSKC, IETF Standard Protocol and Payload for Symmetric Key Provisioning

  • Philip Hoyer


This paper will describe the work currently being completed by the IETF ‘keyprov’ working group to create a standard online protocol and payload to provision symmetric keys. Dynamic Symmetric Key Provisioning Protocol - DSKPP provides an open and interoperable mechanism for initializing and configuring symmetric keys to cryptographic modules that are accessible over the Internet. The portable Symmetric Key Container - PSKC specifies a symmetric key XML format for transport and provisioning of symmetric keys (for example One Time Password (OTP) shared secrets or symmetric cryptographic keys) to different types of devices. The paper will outline the mechanisms of DSKPP and its main application use cases. It will also describe the PSKC payload format and its applicability for use within the DSKPP protocol or as a standalone format for off-line key provisioning and transport.


Payload Format Online Protocol Algorithm Profile Cryptographic Module IETF Standard 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. The Initiative for Open Authentication, In:
  2. IETF: Dynamic Symmetric Key Provisioning Protocol, In:, 2010.
  3. IETF: Portable Symmetric Key Container, In:, 2010.
  4. [SKPC] IETF: Symmetric Key Package Content Type, In: 2010.
  5. IETF: HOTP: An HMAC-Based One-Time Password Algorithm, In:, 2005.
  6. IETF: Additional Portable Symmetric Key Container (PSKC) Algorithm Profiles, In:, 2010.

Copyright information

© Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden GmbH 2011

Authors and Affiliations

  • Philip Hoyer
    • 1
  1. 1.Senior Architect – Office of CTO ActivIdentity (UK)London

Personalised recommendations