
I was reading some blog posts about the Heartbleed vulnerability (who isn't nowadays) and was thinking about the following.

Situation A
If I use a regular SSL/TLS connection, the handshake will determine a key to be used for the session, which is exchanged over the Internet and is encrypted with the private key of the certificate on the server.

Situation B
Again I'm establishing an SSL/TLS connection, but this time with Perfect Forward Secrecy used as the handshake. In my understanding, the key used for the session only resides on the server and client and is never exchanged over the Internet.

All the traffic in both situations is monitored and stored, but it is useless because we don't know the private key. But what if we could have obtained the private key, say for instance via a Heartbleed exploit?

Is it right to say that:

  1. In situation B the stored encrypted data is useless, because the keys used are ditched when the session ends and aren't part of the intercepted data. And
  2. The data captured from situation A is completely decryptable.
Steven Volckaert
stUrb
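
The two situations in the question, as an added example that is not part of the original post: a toy RSA key transport and a toy ephemeral Diffie-Hellman exchange are recorded, then the server's long-term private key is assumed to have leaked. The parameters, the function names and the textbook (unpadded) RSA are assumptions chosen for illustration and are not real TLS.

```python
import secrets

# Toy parameters, constructed for illustration and far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1            # two Mersenne primes -> toy RSA modulus
N, E = P * Q, 65537                    # server's public key (in its certificate)
D = pow(E, -1, (P - 1) * (Q - 1))      # server's long-term private key
DH_P, DH_G = 2**127 - 1, 3             # toy Diffie-Hellman group


def record_rsa_session():
    """Situation A: RSA key transport. Returns (session secret, recorded wire data)."""
    premaster = secrets.randbelow(N - 2) + 2
    # Textbook (unpadded) RSA: the client encrypts under the server's public key.
    return premaster, {"encrypted_premaster": pow(premaster, E, N)}


def record_dhe_session():
    """Situation B: ephemeral Diffie-Hellman. Returns (session secret, recorded wire data)."""
    a = secrets.randbelow(DH_P - 3) + 2    # client ephemeral exponent
    b = secrets.randbelow(DH_P - 3) + 2    # server ephemeral exponent
    client_pub, server_pub = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    shared = pow(server_pub, a, DH_P)
    assert shared == pow(client_pub, b, DH_P)   # both ends derive the same secret
    # The long-term key only signs the server's ephemeral public value.
    wire = {"client_pub": client_pub, "server_pub": server_pub,
            "server_sig": pow(server_pub, D, N)}
    return shared, wire                    # a and b are discarded here


def recover_with_leaked_key(wire, leaked_d):
    """What a holder of the recording plus the leaked long-term key can compute."""
    if "encrypted_premaster" in wire:
        return pow(wire["encrypted_premaster"], leaked_d, N)
    # DHE: the key verifies (or could forge) signatures, but it is not an input
    # to the shared secret; recovering that needs a discrete log of a public value.
    assert pow(wire["server_sig"], E, N) == wire["server_pub"]
    return None


if __name__ == "__main__":
    secret_a, wire_a = record_rsa_session()
    secret_b, wire_b = record_dhe_session()
    print("A recovered:", recover_with_leaked_key(wire_a, D) == secret_a)
    print("B recovered:", recover_with_leaked_key(wire_b, D) == secret_b)
```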
