1995-11-01 - Re: Perfect Forward Secrecy - is it worth it?

Header Data

From: “Perry E. Metzger” <perry@piermont.com>
To: Simon Spero <ses@tipper.oit.unc.edu>
Message Hash: f63ad08e7b776bd5f19d1f8aa3e36b0fab61d6e421d21e44a339fe5e0a0c4473
Message ID: <199511011619.LAA01986@jekyll.piermont.com>
Reply To: <Pine.SOL.3.91.951031141506.1151H-100000@chivalry>
UTC Datetime: 1995-11-01 17:06:05 UTC
Raw Date: Thu, 2 Nov 1995 01:06:05 +0800

Raw message

From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 2 Nov 1995 01:06:05 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Perfect Forward Secrecy - is it worth it?
In-Reply-To: <Pine.SOL.3.91.951031141506.1151H-100000@chivalry>
Message-ID: <199511011619.LAA01986@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Simon Spero writes:
> Quick survey; how important is perfect forward secrecy to you?

Very. It makes one's life far easier. It makes protecting historical
traffic easy. It's a wonderful feature for a cryptosystem.

> In general, schemes offering PFS require an extra PK-op, and an extra
> round-trip when compared to non-PFS schemes. This cost is incurred once
> per "session", but can add on the order of seconds to startup times.

Well, things aren't that bad if you use elliptic curve variants on D-H,
or if you are very careful. See Phil Karn's work on this for Photuris...

Perry





Thread