In client-server mode, for a secure session, a master key of the session needs to be generated through key exchange or an existing shared secret when the session is established initially; and the legal identity of both parties needs to be confirmed through client authentication and server authentication. The client and the server generate a traffic encryption (TE) key upon the master key. A TE key generally includes a set of keys, for example, a data encryption key, and an integrity protection key. A session may include different channels that are responsible for different tasks such as data transmission and remote control. In a session based on the Secure Shell (SSH) protocol, a session may have multiple channels concurrently.
If the session is interrupted actively or passively, a complete session establishment process may be initiated again between the client and the server, including key exchange, generation of a master key and a TE key, and authentication, to establish the required channels again or restart the tasks not completed in the previous session. In the process of re-establishing a session, the processes such as key exchange and authentication involve multiple interactions, and a perceivable delay occurs; the generation of the master key and the TE key adds a load to the CPU; because the interrupted tasks in the previous session need to be restarted, a waste of time occurs. In a practical situation, when the session and the tasks need to be recovered in a short time, re-establishing a session based on the prior art is unacceptable.