Low Latency and Computational overhead A common practice in generating a DH session key is to use the DH key in a keyed hash over random nonces and other data: TGK is HMACx(RAND1|RAND2) where x = g(xi* xr) This construct allows for a long-lived Diffie-Hellman key pair as it is never used to encrypt any transmitted data rather to generate the actual key. NIST Special Publication 800-56A Sec 6.3 |