Overview of Keychain

Definition

Applications, such as Routing Protocol Application (RPA), Transmission Control Protocol (TCP), and signaling protocols (such as LDP), exchange authenticated packets over the network for security reasons, but the authentication mechanism in these applications is not robust.

Each application uses a constant authentication key unless the network administrator changes the key manually. Changing authentication keys by hand is cumbersome, and packets can be dropped during the change because it is very difficult to switch keys on all routers at the same instant.

Another drawback of this type of authentication mechanism is that there is no central application to control all the authentication functionality. Each application maintains its own set of authentication rules. If there are many application instances that require the same set of authentications, this results in duplication of data and processing.

This authentication system needs a mechanism that centralizes all authentication processing and changes authentication keys dynamically with little human intervention. To provide this, a new application called Keychain has been added to the system.

Keychain is a centralized application that provides authentication functionality to all applications that require it. It also changes authentication keys dynamically for all applications that need them.

Purpose

When routing applications communicate over a network, persons with malicious intent can tamper with packets or pretend to be authenticated users. To detect modified messages and to authenticate the sender, routing applications support message authentication by defining the authentication rules statically. Each application may use different authentication rules, but using the same authentication rule over a long period will eventually compromise security. Manually changing the authentication rules on communicating peers simultaneously is error prone.

If each application maintains its own set of authentication rules, multiple instances of the same set of authentication information create duplication of data and processing across networking applications.

Keychain centralizes the storage of authentication information and provides dynamic modification of authentication information without human intervention for all applications that need to perform authenticated communication.
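The key-rollover problem described above (a key cannot be switched on every router at the same instant, so packets are dropped during a manual change) is what a keychain with time-bounded keys solves. The following is an added illustration, not Huawei's implementation: it assumes the common keychain design in which each key carries a send lifetime and a longer accept lifetime, so that while a peer still sends with the old key, the receiver still accepts it. The key names, secrets, timestamps and the `key_id || payload || HMAC` packet layout are all constructed for the example.

```python
import hmac
import hashlib
from dataclasses import dataclass
from typing import List, Optional

MAC_LEN = hashlib.sha256().digest_size  # 32 bytes for HMAC-SHA256


@dataclass(frozen=True)
class KeychainKey:
    """One key of a keychain. Lifetimes are plain integers (seconds) for the
    example; a real system would use wall-clock times. Accept windows are
    deliberately wider than send windows so a key is still accepted for a while
    after the sender has rolled over to the next one."""
    key_id: int
    secret: bytes
    send_start: int      # key is used for sending from send_start ...
    send_end: int        # ... up to but not including send_end
    accept_start: int    # received packets signed with this key are accepted ...
    accept_end: int      # ... up to but not including accept_end


class Keychain:
    """Central store of keys shared by every application that references it."""

    def __init__(self, name: str, keys: List[KeychainKey]):
        self.name = name
        self.keys = sorted(keys, key=lambda k: k.send_start)

    def send_key(self, now: int) -> Optional[KeychainKey]:
        """The single key whose send lifetime covers 'now' (None if no key is active)."""
        for k in self.keys:
            if k.send_start <= now < k.send_end:
                return k
        return None

    def accept_keys(self, now: int) -> List[KeychainKey]:
        """All keys whose accept lifetime covers 'now' (several during an overlap)."""
        return [k for k in self.keys if k.accept_start <= now < k.accept_end]

    def sign(self, payload: bytes, now: int) -> Optional[bytes]:
        """Build key_id || payload || HMAC-SHA256(secret, payload) with the current send key."""
        k = self.send_key(now)
        if k is None:
            return None
        mac = hmac.new(k.secret, payload, hashlib.sha256).digest()
        return bytes([k.key_id]) + payload + mac

    def verify(self, packet: bytes, now: int) -> Optional[bytes]:
        """Return the payload if the packet authenticates under a key accepted at 'now',
        otherwise None. The key id in the packet selects the key; the MAC is compared
        in constant time."""
        if len(packet) < 1 + MAC_LEN:
            return None
        key_id, payload, mac = packet[0], packet[1:-MAC_LEN], packet[-MAC_LEN:]
        for k in self.accept_keys(now):
            if k.key_id == key_id:
                expected = hmac.new(k.secret, payload, hashlib.sha256).digest()
                return payload if hmac.compare_digest(expected, mac) else None
        return None  # no key with that id is accepted at this time


def rollover_demo() -> dict:
    """Constructed scenario: two routers share one keychain and roll from key 1 to
    key 2 at t=100. Key 1 stays acceptable until t=130 and key 2 is accepted from
    t=70, so packets are not dropped around the rollover instant."""
    keys = [
        KeychainKey(1, b"constructed-secret-1", send_start=0, send_end=100,
                    accept_start=0, accept_end=130),
        KeychainKey(2, b"constructed-secret-2", send_start=100, send_end=200,
                    accept_start=70, accept_end=230),
    ]
    router_a = Keychain("example-chain", keys)
    router_b = Keychain("example-chain", keys)
    hello = b"HELLO area=0"                       # constructed routing payload

    before = router_a.sign(hello, now=90)         # signed with key 1
    in_flight = router_a.sign(hello, now=99)      # key 1, just before rollover
    after = router_a.sign(hello, now=105)         # signed with key 2
    tampered = after[:1] + b"HELLO area=1" + after[-MAC_LEN:]  # payload altered in transit

    return {
        "before_rollover": router_b.verify(before, now=90) == hello,
        "old_key_during_overlap": router_b.verify(in_flight, now=105) == hello,
        "new_key_after_rollover": router_b.verify(after, now=105) == hello,
        "old_key_after_overlap": router_b.verify(in_flight, now=140) is None,
        "tampered_payload": router_b.verify(tampered, now=105) is None,
        "send_key_ids": (router_a.send_key(90).key_id, router_a.send_key(105).key_id),
    }


if __name__ == "__main__":
    for name, outcome in rollover_demo().items():
        print(f"{name}: {outcome}")
```

Because every application reads the same `Keychain` object, adding a third key with a future send lifetime rotates the key for all of them at once, without touching each application's own configuration; the overlap between one key's accept window and the next key's send window is what removes the packet loss that a simultaneous manual change cannot avoid.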

Copyright © Huawei Technologies Co., Ltd.