In this section, we provide examples of some of the most prominent key management procedures being used today. It is of course not our intent to cover every imaginable method for symmetric keys. Other examples of key management procedures such as Mobile IP-AAA and public key infrastructure (PKI) certificates are provided in later chapters. It should also be mentioned that the tasks of key management and peer authentication are closely related and we now are witnessing a trend in combining the two. Since authentication is an expensive procedure, whenever possible, keys or keying materials for the following secure communications should be established in conjunction with the authentication process:
When authentication of a peer is performed by a central server, it is common that authentication and key generation happens at the server simultaneously and then the keys are transferred from the server to the client (peer) along with the indication of the successful authentication.
When key management happens through a peer-to-peer key agreement and independent of a main server, care must be taken so that neither peer establishes a trust relationship or keys with unknown or untrusted entities. For this reason well-designed key agreement methods also include an in-band mutual peer authentication.
As mentioned earlier, combining authentication and key management procedure is an efficient exercise. A new trend is emerging ...