perfect forward secrecy (cryptography) (PFS)

There are various methods for encryptingdata traffic. Among the better known are elliptic curve cryptography( ECC) and perfect forward secrecy (PFS). In contrast to other methods, the latter offers additional protection against subsequent decryption.

Cryptographic methods work with secret numbers derived from secret values. With Perfect Forward Secrecy (PFS), also known as Forward Secrecy( FS), there is no relationship between successive keys. Keys preceding and following a key are not derived from a master key. New keys are generated all the time. In other encryption methods, all session keys depend on a master key. Once this has been decrypted, it is easy for attackers to access all sessions.

Perfect Forward Secrecy or Public-Key Forward Secrecy (PFS) differs from other encryption protocols in that it first performs asymmetric encryption using secret and public keys, and then symmetric encryption using a secret session key.

The PFS method is used in the Diffie-Hellman method and in encryption methods with elliptic curve cryptography. It is used as a security protocol for key exchange and is used, among other things, for secure communication in virtual private networks( VPN), in e-mail security or for key exchange between browser and server.