Hi All,

I have recently been reading about password-based authentication schemes, especially EKE and its variants. The papers I've read on EKE, DH-EKE, and SPEKE all refer to their "perfect forward security," though I have been unable to find a formal definition of this property, or any detailed explanation of what this really means. Does the "forward security" refer to the fact that if Eve knows a "K" Alice and Bob used two weeks ago, she cannot assume either of their identities for a current transaction? Or does it mean that even if Eve knows the current "K" in use by Alice and Bob's session, she cannot impersonate either of them? Or does it mean something else?

Can someone better explain how the "forward security" found in EKE/DH-EKE/SPEKE works? Is it the same for each EKE variant, or does it work differently for each?

Ashamedly Confused,
- Anonymous.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
