Systems and methods disclosed herein provide secure, efficient, and
mutually authenticated cryptographic key distribution. A client or client
manufacturer may pre-generate and pre-encrypt the cryptographic keys,
store the encrypted keys within the client, and deliver such keys to the
serving network's access server via the client, while also relying upon,
if available, the authentication performed by a trusted access server of
an intermediate network which the client must traverse in order to obtain
access the serving network. If not available, a client password stored
within the client may be used to enable client authentication by the
serving network prior to acceptance of the delivered cryptographic keys.