Forward Secrecy and Its Application to Future Mobile Communications Security

Perfect forward secrecy, one of the possible security features provided by key establishment protocols, concerns dependency of a session key upon long-term secret keys (symmetric or asymmetric). The feature promises that even if a long-term private key is disclosed to any adversary, the session keys established in the protocol runs using the long-term key would not be compromised. The importance of this kind of belief may differ greatly among application environments, in terms of both communication types and different communicating entities. We describe two generic prototypes of protocols which bring forward secrecy to security protocols. We note that future generation mobile communication environment will be filled with diverse types of communication users and data. The security protocol in a prominent future mobile system, UMTS, was originally designed without any consideration of perfect forward secrecy. We consider modified protocols to provide this property.