Jump to content

Ephemeral key

From Wikipedia, the free encyclopedia

A cryptographic key is called ephemeral if it is generated for each execution of a key establishment process.[1] In some cases ephemeral keys are used more than once, within a single session (e.g., in broadcast applications) where the sender generates only one ephemeral key pair per message and the private key is combined separately with each recipient's public key. Contrast with a static key.

Private / public ephemeral key agreement key[edit]

Private (resp. public) ephemeral key agreement keys are the private (resp. public) keys of asymmetric key pairs that are used a single key establishment transaction to establish one or more keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., initialization vectors).

See also[edit]


  1. ^ "NIST - Computer Security Resource Center". National Institute of Standards and Technology. Retrieved April 6, 2022. A cryptographic key that is generated for each execution of a key-establishment process and that meets other requirements of the key type (e.g., unique to each message or session).

External links[edit]