Propiedad de
un sistema de cifra que nos garantiza que las claves usadas hoy no se verán
descubiertas si el día de mañana se revela alguna información secreta
relacionada con dichas claves.
(I) For a key agreement
protocol, the property that compromises long-term keying material does not
compromise session keys that were previously derived from the long-term
material. (Compare: public-key forward secrecy.) [RFC4949:2007]
the property that knowledge
of As long-term private key subsequent to a key agreement operation does not
enable an opponent to recompute previously derived keys. [ISO-15946-3:2002]
the property that knowledge
of As long-term private key or knowledge of Bs long-term private key subsequent
to a key agreement operation does not enable an opponent to recompute
previously derived keys. [ISO-15946-3:2002]
the property that knowledge
of both As and Bs long-term private keys subsequent to a key agreement
operation does not enable an opponent to recompute previously derived keys.
[ISO-15946-3:2002]
A cryptosystem in which, if
one encryption key is compromised, only the data encrypted by that specific key
is compromised. Some cryptosystems allow keys to be derived from previous keys,
so that if the first key is compromised, an attacker might have enough
information to figure out other keys and/or decrypt data encrypted using those
keys.
http://www.watchguard.com/glossary/