During communication with a plurality of communication subscribers, it is necessary in many technical areas to use cryptographic methods to protect all the communications of all the subscribers against any form of misuse. In this case, the complexity which is required for cryptographic protection of all the communications is dependent on the respective application. Thus, for example, in private conversations it is under some circumstances not of major importance for all the cryptographically possible security measures to be used to protect the communication. However, in the case of communication with highly confidential contents, for example, very strict protection of the communication is of considerable importance.
The choice of security services, security mechanisms, security algorithms and security parameters used for communication protection is called the security policy, which is complied with during communication between communication partners.
However, since the security requirement and, linked to it, the security policy differ from communication session to communication session and from application to application, and since not all the communication subscribers actually have all the cryptographic methods available to them, it is possible when communication partners change frequently for serious discrepancies to arise in the required or possible security policy which is supported by the respective computer unit of the communication partner and can thus be ensured.
It is necessary for a standard security policy to be defined for the respective communication in every communication session within the group taking part in the communication session. Above all, it is necessary to provide a binding definition of a so-called group code, which is unambiguous for the entire group.
A summary of the cryptographic methods which can generally be used and can be used in the method can be found, for example, in Document S. Muftic, Sicherheits-mechanismen fur Rechnernetze, (Security mechanisms for computer networks), Karl Hansa Verlag Muenchen, ISBN 3-446-16272-0, (1992), pages 34-70.
It is known for two communication partners to negotiate a security policy, the negotiation which is described in this document being limited, however, only to a few parameters that are defined in advance see document, E. Kipp et al, The SSL Protocol, Internet Draft, available in June 1995 on the Internet from the following address: gopher://ds.internic.net:70/00/internet-drafts/draft-hickman-netscape-ssl- 01.txt.