When a device needs to be authenticated as secure, it generates a new cryptographic key for one session and sends it as a message signed with its private key to a third party.