Authentication first
A new key is used for each session
Using shared (master) secret
encrypt the new key
Using public keys
Establish a shred key for the session even if a there is already a shared secret key
Typically a long term secret key is called a Master key, possibly derived from a password.
The master key is used to authenticate and establish a new session key.
Alice -> Bob: E(PRa, E(PUb, K))
diffie-Hellman with signing,i.e.,
Alice -> Bob:E(PRa, Y^a)
Bob -> Alice:E(PRb, Y^b)
Each communication pair needs to share a master key
