Key management is a common problem in client/server applications that use encryption. At times, keys may become compromised and must be replaced. Even where no key compromise has been detected, information technology (IT) administrators feel it is wise to change encryption keys periodically, in case a key has been compromised without their knowledge.
However, when a key is distributed among many machines, securely updating all of the machines with the new key is difficult and time-consuming. The key should not be distributed in a way that makes it too easy to obtain from the network (such as by sending it over email), yet it must be distributed in a way that is easy for users to work with. This presents a problem that IT administrators must address. On the one hand, a secure method of key distribution exists (manually updating the keys), but it requires too much human interaction and is costly and cumbersome. On the other hand, an easier, low-cost method exists (distributing via email), but it is not as secure, and the updated keys could easily be compromised.
There is a need for a method of key propagation that overcomes the stated shortcomings of the prior art.