On Thu, May 04, 2000 at 09:40:14AM -0400, Arnold G. Reinhold wrote:
> Can anyone point me to a good definition of "Perfect Forward Security"?
In rfc2408 section 1.6.1 about ike, you can find one for perfect forward
secrecy. Up to you to decide how relevant and good it is.
" Perfect Forward Secrecy: As described in [DOW92], an authenticated
key exchange protocol provides perfect forward secrecy if disclosure
of longterm secret keying material does not compromise the secrecy of
the exchanged keys from previous communications. The property of
perfect forward secrecy does not apply to key exchange without
authentication."
[DOW92] Diffie, W., M.Wiener, P. Van Oorschot, Authentication and
Authenticated Key Exchanges, Designs, Codes, and
Cryptography, 2, 107-125, Kluwer Academic Publishers,
1992.
