All of the authentication systems examined use cryptography for authentication. This aspect looks at the models and procedures used to generate and distribute the keys used for the authentication process. This section does not discuss the generation or distribution of the users' secret keys, public key/private key pair, or the use of key encrypting keys. This section focuses on how the session key, or secret key used between client and server are generated and distributed. Session key generation is a major difference between Kerberos and Secure RPC. Kerberos generates a pseudo-random DES key for use as a session key, while Secure RPC uses a public key generation method.