Questions tagged [perfect-forward-secrecy]
The perfect-forward-secrecy tag has no usage guidance.
12
questions
0
votes
1
answer
72
views
How many ephemeral session keys made when loading web page
I'm trying to understand the concept of ephemeral session keys as it pertains to perfect forward secrecy. There's an example I wasn't sure if.
Let's say I have a webpage served over TLS at the url ...
- 275
0
votes
1
answer
170
views
Is This Perfect Forward Secrecy?
I have a textbook that contains the following problem:
In practice, one master key, KM, is exchanged in a secure way (e.g. Diffie-Hellman key exchange) between the involved parties. Afterwards, ...
- 101
1
vote
0
answers
144
views
Nym Perfect Forward Secrecy
I recently heard about the Nym mixnet and am researching it and the Sphinx packet format. So far it looks promising, but there is one thing I'm unsure of.
Networks like Tor use ephemeral keys to limit ...
0
votes
0
answers
173
views
In which sense is Perfect Forward Secrecy perfect? [duplicate]
Wikipedia states that Perfect Forward Secrecy "is a feature of specific key agreement protocols that gives assurances that session keys will not be compromised even if the private key of the server is ...
- 103
0
votes
0
answers
19
views
Which part/step of the TLS handshake is essential for providing PFS? [duplicate]
I would say the key exchange part, because PFS is used only during the key exchange of server and client.
Am I right or have I overlooked something?
- 1
0
votes
0
answers
169
views
Is client-side password hashing still useful when using TLS? Is TLS crackable? What about PFS? [duplicate]
Is client-side password hashing still necessary / useful when using TLS? What about TLS protocols with PFS (perfect forward secrecy) like Diffie-Hellman?
Let’s say that I’m running a web application ...
- 113
0
votes
1
answer
1k
views
OpenSSL - 2040 bit temporary key size, 2048 bit private key
Recently, I had an OpenVAS scan report that a TLS connection to Postfix used a temporary key size of 2040 bits, instead of the 2048 bits that I have set for my key size, and I have perfect forward ...
- 125
2
votes
1
answer
686
views
Perfect forward secrecy in Instant Messaging with multiple devices
I have read multiple sites online about PFS and DH but I still have a few questions.
I understand that in order to have PFS you must use different keys to encrypt messages. So your IM client could be ...
- 21
9
votes
1
answer
12k
views
How does TLS work (RSA, Diffie-Hellman, PFS)?
I know "How TLS works" has been discussed numerous times here and crypto, but I am still somewhat confused and would like to summarize what I know so far 1 in this giant blob of text with ...
- 219
0
votes
1
answer
23k
views
Which PFS Group is recommended for IPSec configuration?
I can't find much information on PFS (Perfect Forward Secrecy) Groups so I'm unsure what to suggest for a secure IPSec configuration.
Any suggestions on PFS groups that aren't recommended?
What is ...
- 539
1
vote
0
answers
111
views
How to maintain sensible cipher list for a public webserver [duplicate]
I'm configuring nginx and am trying to find a cipher list that gives an A standard over at SSLlabs while also allowing common browsers to access the website.
I am not an expert and am asking this ...
- 473
2
votes
1
answer
101
views
Can PFS be used to prove that a file was transmitted/received at a particular date & time?
Can Perfect Forward Secrecy (PFS) be used to prove that a particular file was transmitted or received at a particular time? If so, how? By keeping records of the entire TLS stream?
- 1,783