Session Key
Properties
Must be unique.
Should expire after a while.
Should be difficult to predict.
typically use a pseudo-random number
generator seeded carefully.
8