What you describe is not forward secrecy.
Forward secrecy relates to the following property: a secured communication took place between entities A and B at some time T; the attacker recorded all the messages; at some later time T' the attacker obtains a copy of all the secret keys known to A and B; and yet, the attacker cannot recover the contents of the communication which occurred at time T. To achieve forward secrecy, then the following must hold:
- Each communication (say, each individual message in a mail context) uses a specific encryption key that sender and recipient do not keep around. This necessarily entails some generation mechanism, with randomness.
- It does not support stateless one-way emailing. Indeed, if the complete communication between two scouts is a single message from scout A to scout B, then this means that B "knows enough" to process the message and recover the contents. Unless B forces himself to forget what he once knew (i.e. is not stateless), B could do this feat again; and so can the attacker if he obtained all of B's secrets.
If two-way communications are possible (e.g. as with a SSL connection, with the initial handshake), then a key exchange algorithm like Diffie-Hellman can be used to produce a communication-specific session key, used only for the duration of the connection, and discarded afterwards. Any long-term secret known to both scouts will be used only for mutual authentication.
Since scout messages are one-way, and the average scout won't compute a 1024-bit DH key exchange anyway (he could: all these youngsters nowadays have smartphones, which are entirely up to the task; but I understand that is not the pedagogical point), this kind of solution cannot be used.
Instead, the solution is to make the scouts stateful. The model, here, is that of the One-Time Pad: make it so that sender and receiver share a long sequence of secrets, which they store on some physical medium such as a booklet. When they use a key (say a booklet page) for sending or receiving a message, they destroy it. Therefore, an enemy seizing the booklet after the fact will not obtain the key, and thus won't be able to decrypt a past message.
This is the historically correct solution; in the pre-computer era, field agents used OTP. Scouts can only be thrilled by using the exact same method as real spies and armies used for decades. Extra points for making the booklet in an edible material, so that destruction after usage is fun, easy and safe (the average scout would also find it quite fun to simply burn down the paper, but that might create environmental hazards). Further extra points for walking the scouts through cryptanalysis when OTP was badly used, i.e. the pad has been reused.
Forward secrecy is about what happens when a field agent is seized by the enemy, and forced to reveal his secrets. The scenario you envision is different: no secret forcibly revealed, but a passive decryption which occurred in an unspecified way (e.g. a lot of guesswork from a partially known plaintext). The property you describe (decrypting one message does not reveal other messages) only means that the encryption method is robust against known-plaintext attacks: even knowing some cleartext and the corresponding ciphertext is not enough to enable decryption of other ciphertext, and, in particular, is not enough to rebuild any keying component which is reused for other messages.
Pen-and-paper ciphers are usually weak, although some can be quite strong when the attacker only has a pen and paper too. See this question for suggestion and links.
One-Time Pad is the exception: it is computable with very low computing power, and yet is ultimately robust against known-plaintext attacks, because no employed keying component is reused for another message or message part.
Summary: use OTP. It provides the property you want; it also provides forward secrecy. It is pedagogical, and amenable to enlightening historical reconstruction.