Lightboard Lessons: Unexpected Side Effects of Perfect Forward Secrecy
Published May 17, 2017
Version 1.0
It would only take compromising one of the random numbers because you could then take the known, calculated value from the other (because it is shared in plaintext) and create the shared bulk encryption key from there. This is why it's good to use ephemeral keys because the random numbers from client and server will change with every session. So, even if you compromised the random number for one session, you would only have the data from that one session...not all sessions. Hope this helps!
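The point made in the reply above, as an added example that is not part of the original article or comment: a toy Diffie-Hellman exchange in which one leaked random number, combined with the other side's plaintext public value, yields the session key, and a comparison of how many recorded sessions that leak exposes when the server reuses its number versus generating a fresh one per session. The group parameters and all function names are assumptions chosen for illustration; the 127-bit group is far too small for real use.

```python
import hashlib
import secrets

# Toy parameters (assumption, illustration only): a 127-bit group is far too
# small for real use; TLS uses standardized 2048-bit+ groups or ECDHE curves.
P = 2**127 - 1
G = 3

def keypair():
    """Return (secret random number x, public value G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def session_key(own_secret, peer_public):
    """Bulk encryption key = hash of the Diffie-Hellman shared secret."""
    shared = pow(peer_public, own_secret, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def run_session(server_secret=None):
    """One handshake. Pass server_secret to model a server that reuses its
    random number; leave it None for a fresh (ephemeral) one per session."""
    c_secret, c_pub = keypair()
    s_secret = server_secret if server_secret is not None else keypair()[0]
    s_pub = pow(G, s_secret, P)
    key = session_key(c_secret, s_pub)
    assert key == session_key(s_secret, c_pub)  # both sides agree
    # client_pub and server_pub cross the wire in plaintext.
    return {"client_pub": c_pub, "server_pub": s_pub,
            "server_secret": s_secret, "key": key}

def sessions_exposed(leaked_secret, recorded):
    """Count recorded sessions whose key follows from one leaked random
    number combined with the other side's plaintext public value."""
    return sum(session_key(leaked_secret, s["client_pub"]) == s["key"]
               for s in recorded)

def demo(n=5):
    """Leak the server's random number from session 0 in both models."""
    reused = keypair()[0]
    static = [run_session(reused) for _ in range(n)]
    ephemeral = [run_session() for _ in range(n)]
    return (sessions_exposed(static[0]["server_secret"], static),
            sessions_exposed(ephemeral[0]["server_secret"], ephemeral))

if __name__ == "__main__":
    print(demo())
```

`demo()` returns a pair: the number of recorded sessions exposed with a reused server number, then the number exposed with ephemeral numbers.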