A temporary key used to encrypt data for only the current session. The use of session keys keeps the secret keys even more secret because they are not used directly to encrypt the data. The secret keys are used to derive the session keys using various methods that combine random numbers from either the client or server or both. See
key management and
security protocol.