Session Key

Tags: networking

A symmetric key that's [see page 29, generated] and shared between the sender and receiver. It's used for confidentiality and/or integrity.

Session keys are normally generated after authentication is completed and sender/receiver can share it. Any potential attackers can't break the authentication or discover the session key.

Advantages include:

Less common keys are used in communications. Cryptanalysis attacks grow easier the more material encrypted with a specific key is available. Using a session key that changes frequently prevents this.
Asymmetric encryption is too slow for a lot of situations.

Links to this note

Key Agreement Protocol
Perfect Forward Secrecy