We help IT Professionals succeed at work.

Why PFS when we have DH

This applies to TLS as well ass IPSec.

The purpose of the Diffie Hellman key exchange is to agree on a shared secret without sending it on the wire. I have always believed that every DH-session is unique with random large primes. Is DH using the same numbers every time when conneting to the same peer/device/server?

The reason for my question is that I read that PFS (Perfect Forward Secrecy) is being used on top of DH to make sure that the key is unique for every session.

Why PFS when we have DH? Does not compute. :)
Comment
Watch Question

"Batchelor", Developer and EE Topic Advisor
Top Expert 2015
Commented:
With IPsec, the common terms are to use DH for phase 1 (IKE, ISAKMP) and PFS for phase 2. However, PFS is DH. PFS is used to make sure same content is not resulting in the same encryption at any time, bonding it on a timeline, so you cannot take encrypted traffic and try to use it later, as "the key" changes all the time. (This explanation is oversimplified, of course.)