Brain Dump

Perfect Forward Secrecy

Tags
security networking

The concept of a secure communication system in which, even if the traffic is captured and one of the users' keys is later compromised, the attacker is still unable to read the encrypted correspondence.

Perfect forward secrecy generally addresses faults in session keys [see page 34]. Consider:

- Alice encrypts a message with shared key K and sends the ciphertext to Bob.
- Trudy records the ciphertext and later attacks Alice's (or Bob's) computer to recover K.
- Trudy now decrypts the recorded message.

This is an extension of the public key cryptography algorithm above, where an attacker has
the initial correspondence (the encrypted transmission of the session key) and later attacks
either the sender or the recipient to get their private key and uses it to decrypt K. Now the
attacker can decrypt all intermediate correspondence.
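
The record-now, decrypt-later scenario above, as an added example that is not part of the original note: it contrasts a session key sent under Bob's long-term key with one derived from ephemeral Diffie-Hellman exponents. All names, the toy textbook-RSA and Diffie-Hellman parameters, and the SHA-256 XOR cipher are assumptions chosen for illustration and are far too weak for real use.

```python
import hashlib, secrets

# Toy parameters, constructed for this example; far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537        # textbook-RSA primes and exponent
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))  # Bob's long-term modulus / private exponent
DH_P, DH_G = 2**127 - 1, 3                   # toy Diffie-Hellman group

def stream_xor(key: int, data: bytes) -> bytes:
    """Toy stream cipher: XOR with a SHA-256 counter keystream (encrypts and decrypts)."""
    ks = b"".join(hashlib.sha256(f"{key}:{i}".encode()).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def session_key_transport(msg: bytes):
    """No forward secrecy: Alice sends K encrypted under Bob's long-term key."""
    k = secrets.randbits(128)
    transcript = {"wrapped_k": pow(k, E, N), "ct": stream_xor(k, msg)}
    bob_disk = {"rsa_d": D}                  # what remains on Bob's machine afterwards
    return transcript, bob_disk

def session_ephemeral_dh(msg: bytes):
    """Forward secrecy: K comes from per-session exponents that are then erased."""
    a, b = secrets.randbelow(DH_P - 2) + 1, secrets.randbelow(DH_P - 2) + 1
    A, B = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    k = pow(B, a, DH_P)                      # equals pow(A, b, DH_P) on Bob's side
    transcript = {"A": A, "B": B, "ct": stream_xor(k, msg)}
    del a, b, k                              # ephemeral secrets never reach disk
    bob_disk = {"rsa_d": D}                  # assumption: long-term key only authenticates A and B
    return transcript, bob_disk

def trudy_decrypt_later(transcript, stolen):
    """Trudy holds the recorded transcript plus whatever she later steals from Bob."""
    if "wrapped_k" in transcript and "rsa_d" in stolen:
        k = pow(transcript["wrapped_k"], stolen["rsa_d"], N)
        return stream_xor(k, transcript["ct"])
    return None  # A, B and rsa_d do not determine K; that needs a or b, which are gone
```
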

Note: Mention vulnerability to man-in-the-middle attack.
