•For efficiency, one generally uses RSA (or another public-key
algorithm) to transmit a private (symmetric) key.
•The private session key is used to
encrypt and authenticate any subsequent data.
•
•Digital signatures are only used to sign a digest of
the message.
