to...@tuxteam.de wrote: > See, asymmetrical encryption (e.g. RSA, Elliptic Curve) is far too expensive > to use on bulk data, so it typically is used to encrypt a key (generated on > the spot), called "session key". The latter is used to symmetrically (e.g. > AES) encrypt the bulk data. You use that style typically in the deferred > case. > > Perhaps there's even a security advantage in that, since the session key, > as being used for more data gives a potential cryptanalist more material > to chew on: then just the session key would be compromised, and you throw > that away for the next round. I don't know.
The systems that throw it away and redo the DH exchange frequently are said to have "perfect forward security": an attacker who gains one session key doesn't get the next session key. -dsr-
