A session key ( German session key ) is a randomly generated key that only once (for a single connection, an e-mail is used, etc.) (see initialization ). It is used in particular with hybrid encryption . A session key is transmitted securely after it has been generated using an asymmetric encryption process , while the actual user data is transmitted symmetrically encrypted using the session key .
In the case of protocols used in practice, it is customary to renegotiate session keys regularly so that a compromised session key does not enable the data traffic of the respective channel to be deciphered over long periods of time.
- Johannes A. Buchmann: Introduction to Cryptography . Springer, 2001, ISBN 0-387-95034-6 , pp. 140 .