Advantages of a session key
Asymmetric algorithms (which come into play in public-key cryptosystems) make it possible to eliminate problems related to key sharing via a secure channel. However, they remain much less effective (in terms of calculation time) than symmetric algorithms.
The concept of session keys is a compromise between symmetric and asymmetric encryption that makes it possible to combine the two techniques.
The principle of session keys is simple: it involves randomly generating a reasonably-sized session key and encrypting this key using a public-key encryption algorithm (more precisely, using the recipient's
The recipient is capable of decrypting the session key with his private key. The sender and recipient are in possession of a shared key
that only they know. They can therefore send each other encrypted documents using a symmetric encryption algorithm.
The Diffie-Hellman algorithm (named after its inventors Diffie and Hellman) was developed in 1976 to make it possible to exchange keys via an insecure channel. It is based on the problem of computing discrete logarithms in finite fields.
The Diffie-Hellman algorithm is however sensitive to the "Man in the middle" attack
Claves de sesión
Les clés de session
Le chiavi di sessione
Criptografia de chave pública
Latest update on October 16, 2008 at 09:43 AM by Jeff.