Identifying, tracking, and accounting for the generation, distribution, and destruction of key material between entities is where accounting and management functions are needed. These processes need to be supported in central as well as distributed key management systems.
It is also important to balance security and performance. This is realized when establishing cryptographic key lifetimes, for example. In general, the shorter the key lifetime, the smaller the impact of a compromise, that is, the less data surface dependent on the key. Shorter lifetimes, however, increase the relative overhead of generating, establishing, distributing, and accounting for the key material. This is where public key cryptography—which ...