Questions tagged [forward-secrecy]

Forward secrecy is a cryptographic property of a protocol ensuring that a future compromise of a long-term key (e.g. private keys in TLS) will not allow the adversary to compromise the short-term (session) key and decrypt past communications. Unless the adversary uses a man-in-the-middle attack, past communications will be unbreakable for protocols possessing the property.

36 questions
1 vote, 2 answers

How does forward secrecy beat public-key encryption if the key is regularly updated?

Why is forward secrecy better (say for WhatsApp) than public-key encryption with a routinely revised key? The advertised issue is backwards safety: If at a point one key is compromised, someone storing the history of past communications would still…
Calaf
0 votes, 1 answer

Forward Secrecy not supported with referenced browsers?

I am running a scan against one of our servers from the Qualys SSL tester site and it says that my server "does not support forward secrecy with the referenced browsers". What exactly does that mean? My server is set up to use ECDHE_RSA_* ciphers…
0 votes, 1 answer

Emails are forwarded to wrong addresses and possible hacking?

Multiple email addresses for my domain have been compromised. My client forwarded me an old email which he sent me a few days ago, but I haven't received that email. That email was sent to an email address just like mine but with an O replaced by a…
ali-amir
0 votes, 2 answers

Why are we using RSA although it will be cracked by quantum computers?

Why do we still use RSA 2048 when we know that quantum computers can crack RSA as fast as classical computers can create the key? Providers, governments, APTs, etc. can sniff all the traffic and as soon as the day comes when quantum computers are…
0 votes, 1 answer

Static Key Ciphers and key persistence

A vulnerability report states the following: The server is configured to support ciphers known as static key ciphers. These ciphers don't support "Forward Secrecy". In the new specification for HTTP/2, these ciphers have been blacklisted. From…
JohnEye
0 votes, 2 answers

How can I make locally stored data unreadable unless connected (logged in) to server?

I have a chat application built in Java. The chat app stores a log of the user Jimmy's chats locally on his machine. I want this chat log to be encrypted so if someone uses the computer (authorized or unauthorized) he cannot simply read all of…
Curious1