Session keys

Advantages of a session key

Asymmetric algorithms (which come into play in public-key cryptosystems) make it possible to eliminate problems related to key sharing via a secure channel. However, they remain much less effective (in terms of calculation time) than symmetric algorithms.

The concept of session keys is a compromise between symmetric and asymmetric encryption that makes it possible to combine the two techniques.

The principle of session keys is simple: it involves randomly generating a reasonably-sized session key and encrypting this key using a public-key encryption algorithm (more precisely, using the recipient's public key).

session key transport

The recipient is capable of decrypting the session key with his private key. The sender and recipient are in possession of a shared key that only they know. They can therefore send each other encrypted documents using a symmetric encryption algorithm.

Diffie-Hellman algorithm

The Diffie-Hellman algorithm (named after its inventors Diffie and Hellman) was developed in 1976 to make it possible to exchange keys via an insecure channel. It is based on the problem of computing discrete logarithms in finite fields.

More information

The Diffie-Hellman algorithm is however sensitive to the "Man in the middle" attack

Ask a question
CCM is a leading international tech website. Our content is written in collaboration with IT experts, under the direction of Jean-François Pillou, founder of CCM reaches more than 50 million unique visitors per month and is available in 11 languages.
This document, titled « Session keys », is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (

Subscribe To Our Newsletter!

The Best of CCM in Your Inbox

Subscribe To Our Newsletter!