We have looked at an overview of two approaches: symmetric (secret) key and asymmetric (public) key. In practice the two methods are often combined. In particular, it is common for systems to use PKI to establish a security context and then exchange key values and use symmetric keys for encryption. The reason for this is that asymmetric key encryption takes more processing power than symmetric key encryption does. However, the distinction is useful because the two major upper-level authentication methods we cover fall into both camps. Kerberos is more often based on the secret key approach, while TLS is based on a certificate approach. The following sections look at each of these methods in detail and show how they can be incorporated into the RSN model. We also consider three other methods, each of interest for a different reason:
|