Is it possible to exchange a symmetric session key securely using public-key encryption?

Public-key encryption can securely transport a randomly generated symmetric session key over an insecure channel. The process is straightforward: you generate a session key for a fast symmetric cipher (like AES), encrypt that key with the recipient’s public key, and send it. The recipient uses their private key to decrypt and recover the session key, after which both parties use that key to encrypt and decrypt the actual data with the faster symmetric algorithm. This lets you get the best of both worlds: secure delivery of the key with public-key crypto and efficient data protection with symmetric crypto. It isn’t limited to a particular type of public-key system; any algorithm that provides confidentiality (RSA, ECC, etc.) can wrap a symmetric key. While many real-world systems implement this as part of a hybrid scheme to combine the methods, the fundamental ability to securely exchange the session key using public-key encryption makes this approach feasible.