I am learning basic IPSec, and the IKE Phase 1 and 2 concepts.
I understand there is a decoupling of phases because it allows establishing a heavy phase 1 once, and multiple light phase 2s as often as needed. What I don't understand is what phase 2 is actually bringing to security.
Once IKE Phase 1 is completed, both machines have exchanged a private key. Why is every following communication not using that key? Why is there a second exchange of keys?
Thank you