diff --git a/api/proto/etsi14.proto b/api/proto/etsi14.proto
new file mode 100644
index 0000000000000000000000000000000000000000..8577b54ea3dc10cdd58692259905b8ef3ebdc278
--- /dev/null
+++ b/api/proto/etsi14.proto
@@ -0,0 +1,169 @@
+syntax = "proto3";
+
+package danet.etsi;
+
+import "google/api/annotations.proto";
+import "google/protobuf/descriptor.proto";
+import "protoc-gen-openapiv2/options/annotations.proto";
+import "google/protobuf/any.proto";
+
+option go_package = "code.fbi.h-da.de/danet/etsi/api/go/etsi14";
+
+option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
+ info: {
+ title: "danet ETSI14 Interface";
+ description: "Protocol Buffer specifications and Go code for the ETSI14 KMS Interface"
+ version: "0.1";
+ contact: {
+ name: "danet research group";
+ //TODO: ADD PROPER URL AND MAIL
+ //url: "https://code.fbi.h-da.de/danet/api";
+ //email: "none@example.com";
+ };
+ license: {
+ name: "BSD 3-Clause License";
+ // TODO: ADD PROPER LICENSE LINK
+ //url: "https://code.fbi.h-da.de/danet/api/-/blob/master/LICENSE";
+ };
+ };
+};
+
+service ETSI14Service {
+ // Returns Status from a KME to the calling SAE.
+ // Status contains information on keys available to be requested
+ // by a master SAE for a specified slave SAE.
+ rpc GetStatus(GetStatusRequest) returns (GetStatusResponse) {
+ option (google.api.http) = {
+ get: "/{KME_hostname}/api/v1/keys/{slave_SAE_ID}/status"
+ };
+ }
+
+ // Returns Key container data from the KME to the calling master SAE.
+ // Key container data contains one or more keys. The calling master SAE may supply
+ // Key request data to specify the requirement on Key container data. The slave SAE
+ // specified by the slave_SAE_ID parameter may subsequently request matching keys
+ // from a remote KME using key_ID identifiers from the returned Key container.
+ rpc GetKey(GetKeyRequest) returns (GetKeyResponse) {
+ option (google.api.http) = {
+ post: "/{KME_hostname}/api/v1/keys/{slave_SAE_ID}/enc_keys"
+ body: "*""
+ };
+ }
+
+ // Returns Key container from the KME to the calling slave SAE.
+ // Key container contains keys matching those previously delivered to a remote master SAE
+ // based on the Key IDs supplied from the remote master SAE in response to its call to Get key.
+ // The KME shall reject the request with a 401 HTTP status code if the SAE ID of the requestor
+ // was not an SAE ID supplied to the "Get key" method each time it was called resulting in the
+ // return of any of the Key IDs being requested.
+ rpc GetKeyWithIDs(GetKeyWithIDsRequest) returns (GetKeyWithIDsResponse) {
+ option (google.api.http) = {
+ post: "/{KME_hostname}/api/v1/keys/{master_SAE_ID}/dec_keys"
+ body: "*""
+ };
+ }
+}
+
+message GetStatusRequest {
+ string KME_hostname = 1;
+ string slave_SAE_ID = 2;
+}
+
+message GetStatusResponse {
+ int64 timestamp = 1;
+ Status status = 2;
+ Error error = 3;
+}
+
+message GetKeyRequest {
+ string KME_hostname = 1;
+ string slave_SAE_ID = 2;
+ KeyRequest key_request = 3;
+}
+
+message GetKeyResponse {
+ int64 timestamp = 1;
+ KeyContainer key_container = 2;
+ Error error = 3;
+}
+
+message GetKeyWithIDsRequest {
+ string KME_hostname = 1;
+ string slave_SAE_ID = 2;
+ repeated KeyID key_ID = 3;
+}
+
+message GetKeyWithIDsResponse {
+ int64 timestamp = 1;
+ KeyContainer key_container = 2;
+ Error error = 3;
+}
+
+// FIGURE THIS ERROR STUFF OUT
+message Error {
+ ErrorCode code = 1;
+ string message = 2;
+ map<string, ListOfDetails> details = 3; // maybe map<string, string> is enough here?!
+ // or also google.protobuf.Any?
+}
+
+// Maybe not neccessary
+message ListOfDetails {
+ repeated string details = 1;
+}
+
+// FIGURE THIS ERROR STUFF OUT
+enum ErrorCode {
+
+}
+
+message Status {
+ string source_KME_ID = 1;
+ string target_KME_ID = 2;
+ string master_SAE_ID = 3;
+ string slave_SAE_ID = 4;
+ int key_size = 5;
+ int stored_key_count = 6;
+ int max_key_count = 7;
+ int max_key_per_request = 8;
+ int max_key_size = 9;
+ int min_key_size = 10;
+ int max_SAE_ID_count = 11;
+}
+
+message KeyRequest {
+ int number = 1;
+ int size = 2;
+ repeated string additional_slave_SAE_IDs = 3;
+ repeated ExtensionMandatory extension_mandatory = 4;
+ repeated ExtensionOptional extension_optional = 5;
+}
+
+// Array of extension parameters specified as name/value pairs that KME shall
+// handle or return an error. Parameter values may be of any type, including objects.
+message ExtensionMandatory {
+ map<string, google.protobuf.Any> extension_mandatory = 1;
+}
+
+// Array of extension parameters specified as name/value pairs that KME may ignore.
+// Parameter values may be of any type, including objects.
+message ExtensionOptional {
+ map<string, google.protobuf.Any> extension_optional = 1;
+}
+
+message KeyID {
+ string key_ID = 1;
+ google.protobuf.Any key_ID_extension = 2;
+}
+
+message KeyContainer {
+ repeated Key key = 1;
+ google.protobuf.Any key_container_extension = 2;
+}
+
+message Key {
+ string key_ID = 1;
+ KeyIDExtension key_ID_extension = 2;
+ string key = 3;
+ google.protobuf.Any key_extension = 4;
+}
\ No newline at end of file
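Review bot: The `GetKeyWithIDs` route binds `{master_SAE_ID}` in its path, but `GetKeyWithIDsRequest` declares `slave_SAE_ID` as field 2, so the path variable has no request field to bind to and the master SAE whose keys are being fetched is never carried in the message; field 2 should read `string master_SAE_ID = 2;`. The 401 rule in that RPC's comment depends on the requestor's SAE ID, which none of the request messages carry, so a service-level comment such as `// The calling SAE's identity comes from the authenticated transport, not from any path or body field.` would keep implementers from authorizing on a caller-supplied ID (presumably the TLS client certificate is what is meant; confirm against the spec). Separately, the file cannot compile as written: `body: "*""` has a stray quote in both POST routes, `int` is not a proto3 scalar (`uint32` fits the counts and sizes in `Status` and `KeyRequest`), `ErrorCode` has no zero value, and `KeyIDExtension` used in `Key` is never defined. The `google.protobuf.Any` extension fields arrive from the requesting SAE, so the handler should check `type_url` against an allowlist before unpacking.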