What is a session key?
Q: What is a session key?
A: A session key is a single-use symmetric key used for encrypting all messages in one communication session.
Q: What is the difference between a session key and a traffic encryption key (TEK)?
A: A TEK refers to any symmetric key that is used to encrypt traffic messages, while a session key is specifically used for encrypting all messages in one communication session.
Q: Why are session keys used?
A: Session keys are used because they help with some real problems, such as making cryptanalytic attacks more difficult and allowing faster encryption algorithms to be used by securely distributing an encrypted secret key.
Q: How should session keys be chosen?
A: Session keys must be chosen randomly so that they are unpredictable by an attacker.
Q: What happens if the wrong type of session keys are chosen?
A: If the wrong type of session keys are chosen, it can be a major drawback in any cryptosystem.
Q: How often do TEKs typically change?
A: TEKs typically change frequently; in some systems daily and in others for every message.
Q: What other algorithm can be used to improve performance when using symmetric-key algorithms? A: Public-key cryptography can be used to distribute an encrypted secret key for another, faster, symmetric-key algorithm which can improve overall performance considerably.
