Skip to main content

Implement perfect forward secrecy

Summary​

Critical communications should travel through a secure channel that implements perfect forward secrecy.

Description​

All communications between the client and the server should take place over channels that are protected and encrypted. Secure channels often use a single secret to encrypt all communications. Therefore, if that secret is breached, all past communications can be decrypted and compromised. Perfect forward secrecy is attained when each message in a conversation is encrypted using a different secret. Thus, if a secret is breached, only a small portion of a conversation can be compromised, which represents an increase in the overall security of the system.

Supported In​

This requirement is verified in following services:

PlanSupported
Machine🔴
Squad🟢
One-Shot🟢

References​