Session Key Agreement

Most cryptographic protocols like SSH use a key exchange algorithm to deduce unique keys for each session or connection. Typical key exchange algorithms are Diffie-Hellman and the Diffie-Hellman elliptic curve. Weak Perfect Forward Secrecy (WPFS) is the weakest property in which, in case of compromise of the agents` long-term keys, the previously defined session key is guaranteed, but only for sessions in which the adversary does not actively intervene. Hugo Krawczyk introduced in 2005 this new idea and the distinction between this secret and the secrets of the front. [7] [8] This weaker definition implicitly requires that the complete (perfect) secret maintain the secrecy of previously established session keys, even in meetings where the adversary actively intervenes or attempts to act as a man in the middle. In 1982, Ingemarsson, Tang and Wong presented the first PCA Protocol [20], based on the key protocol of the key two-party „Diffie-Hellman“ agreement [19]. The GKA protocols of Koyama and Ohta [24], Blundo et al.[6], as well as the Burmese and Desmedt [15]. Since then, a large amount of research on PCAs and the safeguarding of GKA protocols has been presented, mainly due to the distribution and dynamics of PCAs and security challenges – see, for example.B. [1, 5, 7, 8, 9, 10, 11, 12, 13, 16, 18, 23, 26, 27, 28, 29, 30, 31, 33, 34] and. Perfect Forward Secrecy means that long-term key conversion (for example.B. host keys) does not affect session keys. That is, an attacker who breaks into the server is not able to decrypt previous sessions. Forward Secrecy protects data on the transport layer of a network using common SSL/TLS protocols, including OpenSSL, when its long-term secret keys are compromised, as in the case of the Heartbleed security error.

If forward secrecy is used, encrypted communications and sessions recorded in the past cannot be recovered and decrypted, long-term secret keys or passwords should be compromised in the future, even if the attacker has actively intervened, for example by a man-in-the-middle attack. . . .