Why PFS when we have DH

Jimmy Larsson, CISSP, CEH
Jimmy Larsson, CISSP, CEH used Ask the Experts™
This applies to TLS as well ass IPSec.

The purpose of the Diffie Hellman key exchange is to agree on a shared secret without sending it on the wire. I have always believed that every DH-session is unique with random large primes. Is DH using the same numbers every time when conneting to the same peer/device/server?

The reason for my question is that I read that PFS (Perfect Forward Secrecy) is being used on top of DH to make sure that the key is unique for every session.

Why PFS when we have DH? Does not compute. :)
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
"Batchelor", Developer and EE Topic Advisor
Top Expert 2015
With IPsec, the common terms are to use DH for phase 1 (IKE, ISAKMP) and PFS for phase 2. However, PFS is DH. PFS is used to make sure same content is not resulting in the same encryption at any time, bonding it on a timeline, so you cannot take encrypted traffic and try to use it later, as "the key" changes all the time. (This explanation is oversimplified, of course.)

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial