18
submitted 9 months ago by BlanK0@lemmy.ml to c/security@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] leanleft@lemmy.ml 4 points 9 months ago

https://en.wikipedia.org/wiki/Forward_secrecy

although unfortunately:
"Forward secrecy is designed to prevent the compromise of a long-term secret key from affecting the confidentiality of past conversations. However, forward secrecy cannot defend against a successful cryptanalysis of the underlying ciphers being used, since a cryptanalysis consists of finding a way to decrypt an encrypted message without the key, and forward secrecy only protects keys, not the ciphers themselves.[7] A patient attacker can capture a conversation whose confidentiality is protected through the use of public-key cryptography and wait until the underlying cipher is broken (e.g. large quantum computers could be created which allow the discrete logarithm problem to be computed quickly). This would allow the recovery of old plaintexts even in a system employing forward secrecy. "

this post was submitted on 08 Feb 2024
18 points (87.5% liked)

Security

5014 readers
1 users here now

Confidentiality Integrity Availability

founded 4 years ago
MODERATORS