DSP-R01
SESSION ID:
Seven Grades of Perfect Forward Secrecy
Oleg Gryb
Sr. Manager, Security Engineering
Samsung SSIC
#RSAC PFS - Definitions
Classical PFS Definition
“Long-term cret keying material does not compromi the crecy of the exchanged keys from earlier run”
W. Diffie, P. Oorchot, M.Wiener: Authentication and Authenticated Key Exchanges, 1992
people.scs.carleton.ca/~paulv/papers/sts-final.pdf
Session and Long-term Keys
Session Keys:
•One time symmetric key ud to encrypt all messages
in a ssion.
•Similar to a one time u password (OTP).
Long-term Keys:
•Live longer than a ssion. It can actually live years.
•Can be ud to derive Session Key.
•Idealistically stored in an HSM appliance, but it varies.
PFS – What it protects
#RSAC against
