Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Session key
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Refimprove|date=December 2009}} A ''' session key''' is a single-use [[symmetric key]] used for [[encrypting]] all [[message]]s in one [[Session (computer science)|communication session]]. A closely related term is '''content encryption key''' ('''CEK'''), '''traffic encryption key''' ('''TEK'''), or '''[[multicast]] key''' which refers to any key used for encrypting messages, contrary to other uses like encrypting other keys ('''key encryption key''' ('''KEK''') or '''key encryption has been made public key'''). Session keys can introduce complications into a system, yet they solve some real problems. There are two primary reasons to use session keys: # Several cryptanalytic attacks become easier the more material encrypted with a specific key is available. By limiting the amount of data processed using a particular key, those attacks are rendered harder to perform. # [[public key cryptography|Asymmetric encryption]] is too slow for many purposes, and all [[symmetric key algorithm|secret key algorithm]]s require that the key is securely distributed. By using an asymmetric algorithm to encrypt the secret key for another, faster, symmetric algorithm, it's possible to improve overall performance considerably. This is the process used by [[Transport Layer Security|TLS]]<ref>{{cite web |url=https://www.cloudflare.com/learning/ssl/what-is-a-session-key/ |title=What is a session key? Session keys and TLS handshakes |access-date=2024-08-21}}</ref> and by [[Pretty Good Privacy|PGP]].<ref>OpenPGP http://tools.ietf.org/html/rfc9580</ref> Like all [[cryptographic keys]], session keys must be chosen so that they cannot be predicted by an attacker, usually requiring them to be chosen randomly. Failure to choose session keys (or any key) properly is a major (and too common in actual practice) design flaw in any crypto system.{{Citation needed|date=March 2011}} ==See also== * [[Ephemeral key]] * [[Random number generator]] * [[List of cryptographic key types]] * [[One-time pad]] * [[Perfect forward secrecy]] ==References== {{Reflist}} {{DEFAULTSORT:Session Key}} [[Category:Key management]]
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Templates used on this page:
Template:Citation needed
(
edit
)
Template:Cite web
(
edit
)
Template:Refimprove
(
edit
)
Template:Reflist
(
edit
)
Search
Search
Editing
Session key
Add topic
