Perfect forward secrecy

From Citizendium
Revision as of 00:33, 30 August 2010 by imported>Sandy Harris
This article is a stub and thus not approved.

In cryptography, perfect forward secrecy or PFS is a property of communication protocols that prevents retroactive compromise of communications.

For example, assume Alice and Bob have ongoing communication that involves both session keys, which change fairly often, and one or more long-term keys, which change less often. The long-term keys might be public keys used for authentication, or shared secrets. Further assume an enemy who has an archive of Alice and Bob's messages over some time period and who has compromised a long-term key. Clearly such a compromise allows him to attack the protocol with the goal of obtaining future session keys and reading future messages.

The interesting question is whether compromise of a long-term key also allows him to obtain old session keys and read messages in his archive. Perfect forward secrecy is a guarantee that this is impossible.
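
The scenario above can be modelled as follows. This is an added example, not part of the Citizendium article: it contrasts a session key wrapped under the long-term key with a session key agreed by ephemeral Diffie-Hellman, where the long-term key only authenticates. Assumptions: the long-term key is a shared secret, ephemeral Diffie-Hellman is the PFS mechanism (the article names none), the group parameters are toy-sized, and all function names are hypothetical.

```python
import hashlib, hmac, secrets

P = 2**127 - 1  # toy prime (Mersenne M127), assumed for illustration; far too small for real use
G = 3

def kdf(*parts):
    return hashlib.sha256(b"|".join(parts)).digest()

def enc(n):
    return n.to_bytes(16, "big")

def mac(key, label, value):
    return hmac.new(key, label + enc(value), "sha256").digest()

def key_transport_session(long_term):
    # No PFS: the session key travels on the wire, wrapped under the long-term key.
    session_key = secrets.token_bytes(32)
    nonce = secrets.token_bytes(16)
    pad = kdf(long_term, nonce)
    wrapped = bytes(x ^ y for x, y in zip(session_key, pad))
    return session_key, {"nonce": nonce, "wrapped": wrapped}

def ephemeral_dh_session(long_term):
    # PFS: fresh exponents per session; the long-term key only authenticates g^a and g^b.
    a = secrets.randbelow(P - 3) + 2
    b = secrets.randbelow(P - 3) + 2
    ga, gb = pow(G, a, P), pow(G, b, P)
    session_key = kdf(enc(pow(gb, a, P)))  # Bob computes pow(ga, b, P), the same value
    transcript = {"ga": ga, "gb": gb, "tag_a": mac(long_term, b"A", ga),
                  "tag_b": mac(long_term, b"B", gb)}
    return session_key, transcript  # a and b are discarded and never archived

def attacker_unwrap(long_term, t):
    # Archive plus leaked long-term key is enough to recover the old session key.
    pad = kdf(long_term, t["nonce"])
    return bytes(x ^ y for x, y in zip(t["wrapped"], pad))

def attacker_on_dh(long_term, t):
    # The leaked key verifies the tags, but the session key depends on g^(ab),
    # which is not computable from g^a, g^b and the long-term key.
    tags_ok = (hmac.compare_digest(t["tag_a"], mac(long_term, b"A", t["ga"])) and
               hmac.compare_digest(t["tag_b"], mac(long_term, b"B", t["gb"])))
    guesses = {kdf(long_term, enc(t["ga"]), enc(t["gb"])),
               kdf(enc(t["ga"] * t["gb"] % P))}  # hash of g^(a+b), not g^(ab)
    return tags_ok, guesses

if __name__ == "__main__":
    ltk = secrets.token_bytes(32)  # constructed long-term shared secret
    k1, t1 = key_transport_session(ltk)
    k2, t2 = ephemeral_dh_session(ltk)
    print("key transport recovered:", attacker_unwrap(ltk, t1) == k1)
    print("ephemeral DH recovered: ", k2 in attacker_on_dh(ltk, t2)[1])
```

In both designs the leaked long-term key still lets the enemy attack future sessions, as the article notes; only the second keeps the archived sessions unreadable.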