asked on Why PFS when we have DH
This applies to TLS as well ass IPSec.
The purpose of the Diffie Hellman key exchange is to agree on a shared secret without sending it on the wire. I have always believed that every DH-session is unique with random large primes. Is DH using the same numbers every time when conneting to the same peer/device/server?
The reason for my question is that I read that PFS (Perfect Forward Secrecy) is being used on top of DH to make sure that the key is unique for every session.
Why PFS when we have DH? Does not compute. :)
The purpose of the Diffie Hellman key exchange is to agree on a shared secret without sending it on the wire. I have always believed that every DH-session is unique with random large primes. Is DH using the same numbers every time when conneting to the same peer/device/server?
The reason for my question is that I read that PFS (Perfect Forward Secrecy) is being used on top of DH to make sure that the key is unique for every session.
Why PFS when we have DH? Does not compute. :)
* tls/sslInternet Protocol Security* Cryptography
Last Comment
Qlemo
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.