Perfect Forward Secrecy

What Does Perfect Forward Secrecy Mean?

Perfect Forward Secrecy (PFS) is a data encoding property that ensures the integrity of a session key in the event that a long-term key is compromised. PFS accomplishes this by enforcing the derivation of a new key for each and every session.


Techopedia Explains Perfect Forward Secrecy

PFS works on a very simple concept to ensure the safety of session keys from future exploitation by hackers. Encoded messages are encrypted using sophisticated mathematical formulas, where decryption would require massive processing, making building practically impossible with the current computing architecture. However, a hacker theoretically could save an encrypted message with the intention of decrypting it in the future, perhaps when greater computing power is available. PFS is designed to eliminate this threat by periodically creating new keys. So, even if a hacker exploits a private key in the future, he is unable to decrypt previously transmitted messages.


Related Terms

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…