Implementing-cryptography-using-python
Chapter 2 ■ Cryptographic Protocols and Perfect Secrecy 61
A public-key system has the property of PFS if it generates one random secret key per session to complete a key agreement, without using a deterministic algorithm. In essence, this guarantees that the compromise of one session cannot compromise others in the future. To examine an example, let us assume that Alice and Bob each generate a pair of long-term asymmetric private and public keys; they then verify the public-key fingerprints in person or out of band using an authenticated channel. The only thing these keys will be used for is authentication; they will not be used for encryption. Alice and Bob use the Diffie-Hellman key exchange algorithm to securely agree on an ephemeral session key. Alice sends Bob a message, encrypting it with a symmetric cipher. Bob decrypts Alice's message using the key negotiated previously. The process repeats for each message sent between the two parties.
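The exchange just described, as an added example that is not part of the book's own code. It uses only the Python standard library, so several pieces are stand-ins chosen for this illustration: the Diffie-Hellman group is the RFC 3526 group 14 prime with generator 2, the long-term authentication keys use a Schnorr signature over that same group (the book does not prescribe a signature scheme), and an HMAC-based encrypt-then-MAC construction replaces a real symmetric cipher such as AES-GCM because the standard library has no AES. It goes slightly beyond the text by validating the peer's public value (range and subgroup check) and by binding each party's name to its signed ephemeral value, two checks a practitioner would expect in a real implementation. All function names and the session-key label are assumptions made here.

```python
import hashlib
import hmac
import secrets

# RFC 3526 group 14 (2048-bit MODP), generator 2. P is a safe prime, so the
# subgroup generated by 2 has prime order Q = (P - 1) // 2 and every private
# exponent below lives in [1, Q-1].
_P_HEX = """
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
"""
P = int("".join(_P_HEX.split()), 16)
G = 2
Q = (P - 1) // 2

def _i2b(n: int) -> bytes:
    return n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")

def _hash_mod_q(*parts: bytes) -> int:
    h = hashlib.sha256()
    for part in parts:                      # length-prefix each field
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big") % Q

def keygen() -> tuple[int, int]:
    x = secrets.randbelow(Q - 1) + 1        # private exponent, public = G^x mod P
    return x, pow(G, x, P)

def valid_public(y: int) -> bool:
    """Reject out-of-range and small-subgroup values received from a peer."""
    return 1 < y < P - 1 and pow(y, Q, P) == 1

def sign(x: int, msg: bytes) -> tuple[int, int]:
    """Schnorr signature in the DH group; long-term keys are used only for this."""
    k = secrets.randbelow(Q - 1) + 1
    r, a = pow(G, k, P), pow(G, x, P)
    e = _hash_mod_q(_i2b(r), _i2b(a), msg)
    return e, (k + e * x) % Q

def verify(a: int, msg: bytes, sig: tuple[int, int]) -> bool:
    e, s = sig
    if not valid_public(a) or not 0 <= s < Q:
        return False
    r = pow(G, s, P) * pow(a, (Q - e) % Q, P) % P   # G^s * A^-e == G^k
    return _hash_mod_q(_i2b(r), _i2b(a), msg) == e

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()          # extract
    out, block, ctr = b"", b"", 1
    while len(out) < length:                                     # expand
        block = hmac.new(prk, block + info + bytes([ctr]), hashlib.sha256).digest()
        out, ctr = out + block, ctr + 1
    return out[:length]

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC stand-in for an AEAD such as AES-GCM (stdlib has no AES)."""
    nonce = secrets.token_bytes(12)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key[:16], nonce, len(plaintext))))
    return nonce + ct + hmac.new(key[16:], nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key[16:], nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key[:16], nonce, len(ct))))

def run_session(alice_lt: tuple[int, int], bob_lt: tuple[int, int], message: bytes) -> tuple[bytes, bytes]:
    """One PFS session: fresh DH pairs, authenticated by long-term keys, then encrypt."""
    a_priv, a_pub = keygen()                # ephemeral; dropped when the session ends
    b_priv, b_pub = keygen()
    a_sig = sign(alice_lt[0], b"alice" + _i2b(a_pub))
    b_sig = sign(bob_lt[0], b"bob" + _i2b(b_pub))
    # Each side checks the peer's ephemeral value against the fingerprint-verified long-term key.
    if not (verify(bob_lt[1], b"bob" + _i2b(b_pub), b_sig)
            and verify(alice_lt[1], b"alice" + _i2b(a_pub), a_sig)):
        raise ValueError("peer authentication failed")
    if not (valid_public(a_pub) and valid_public(b_pub)):
        raise ValueError("bad ephemeral public value")
    salt = _i2b(a_pub) + _i2b(b_pub)        # identical transcript on both sides
    k_alice = hkdf_sha256(_i2b(pow(b_pub, a_priv, P)), salt, b"pfs session")
    k_bob = hkdf_sha256(_i2b(pow(a_pub, b_priv, P)), salt, b"pfs session")
    assert k_alice == k_bob                 # long-term keys never enter this derivation
    return k_alice, seal(k_alice, message)

if __name__ == "__main__":
    alice, bob = keygen(), keygen()         # long-term pairs, fingerprints verified out of band
    k1, blob1 = run_session(alice, bob, b"first session")
    k2, blob2 = run_session(alice, bob, b"second session")
    print(unseal(k1, blob1), unseal(k2, blob2), "distinct keys:", k1 != k2)
```

The forward-secrecy property is visible in the derivation itself: the session key depends only on the two ephemeral exponents and the transcript, so an attacker who later obtains both long-term private keys learns nothing that helps recover an earlier session key. What the long-term keys do buy is that an active attacker cannot substitute their own ephemeral value, because it would not carry a valid signature under a fingerprint-verified key.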
PFS is designed to prevent the compromise of a long-term secret key from affecting the confidentiality of past conversations. PFS cannot defend against a successful cryptanalysis of the underlying ciphers being used, since a cryptanalysis consists of finding a way to decrypt an encrypted message without the key, and PFS only protects keys, not the ciphers themselves. If an attacker can capture a conversation whose confidentiality is protected through the use of public-key cryptography and wait until the underlying cipher is broken, this would allow the recovery of old plaintexts even if a system is employing PFS.
PFS is present in a number of protocol implementations such as IPSec (optional), SSH, STARTTLS, ATS, and Off-the-Record Messaging. Off-the-Record Messaging is a cryptographic protocol that is used for instant-messaging clients. PFS is a significant security feature used by several large internet information providers such as Google. Since late 2011, Google has provided forward secrecy with TLS by default to users of its Gmail service, Google Docs service, and encrypted search services. Facebook, as of May 2014, supports STARTTLS. TLS 2.4 (released in August 2018) dropped support for ciphers that did not support PFS. ATS, which stands for App Transport Security, is a security feature that Apple uses for iOS apps; it became mandatory on all its iOS devices after January 1, 2017.

We will explore PFS in more detail as we dig into the Diffie-Hellman key exchange and elliptic curve Diffie-Hellman in Chapter 8.
Published and Proprietary Encryption Algorithms
In the late 19th century, Auguste Kerckhoffs stated:
The cipher method must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience.
Security must rely solely on secrecy of the key.