How Key Exchange, KDF, and Randomness Create Session Keys
When a device connects to a server for the first time, they usually do not already share a session key. They need to agree on a symmetric key over an open network.
This is often compressed into: “Use ECDH to compute a key.”
That skips two important boundaries. ECDH/X25519 produces a shared secret, not the final key to feed into AES-GCM. And the whole path depends on randomness and context binding.