Real-time communication systems rely on a well-functioning communication channel between two communicating devices that are part of the communication system. The communication channel is typically imposed with strict requirements in different regards, for example in view of determinism, latency, jitter and loss of data packets. Another aspect is security of the communication and an applied security layer may slightly delay the communication, but should not interrupt the communication channel or cause loss of data packets. Keys used for securing the communication channel, e.g. for authentication and encryption of data packets, typically need to be renewed on a regular basis in order to keep the security on a required level. In many communication systems the same key is used for a group of devices and a dedicated key server distributes the keys and enables the use of the keys in the devices.
A difficulty during a key renewal process is that all devices of the communication system using the same key should renew their keys simultaneously in order not to risk data packets to be invalidated in the receiving device due to use of expired keys. This problem is particularly pronounced in communication systems involving a large number of devices and even further so when the distance between the devices is large. For example, in communication between substations of an electric power transmission system the communicating devices may be distributed widely apart and may use different key servers or key groups. In such communication system it may not be sufficient to renew the key simultaneously, since there may be data packets travelling in the system which have not yet reached their destination, and could be invalidated upon arrival by being encrypted with an old key and received with a renewed key.