symmetric/asymmetric encryption
symmetric - uses the same key, generally a session key
is the primary way we encrypt data
how to exchange session key?
in-band - key goes with data - bad way
ephemeral key (temporary), provides perfect forward secrecy, uses asymmetric encryption (key-pair, public to encrypt, private to decrypt)
problem with asymmetric is slow, so usually it is used to send secure session key and then the sesson uses symmetric encryption
is the primary way we encrypt data
how to exchange session key?
in-band - key goes with data - bad way
ephemeral key (temporary), provides perfect forward secrecy, uses asymmetric encryption (key-pair, public to encrypt, private to decrypt)
problem with asymmetric is slow, so usually it is used to send secure session key and then the sesson uses symmetric encryption