[bwackwat]

I have been using symmetrically encrypted TCP servers and clients, which I have been developing in a C++ library.

I believe the standard is basically TLS 1.2 asymmetric encryption and then token-based authentication via username/password mechanisms. For example, most databases are securely accessible via external services using TLS.

Key distribution in my case (symmetric encryption,) is trivial, but securing or replacing those keys is non-trivial and I have yet to solve this problem.

Nonetheless, securing private or even public TLS keys is a seriously difficult problem as well.