1. Known-key security

An outsider cannot compute the current session key even he knows some previous session keys.

2. Perfect forward secrecy

The compromise of the private keys of both the participating entities does not affect the security of the previous session keys.

3. Key-compromise impersonation resistance

Even though the client’s long-term private key is compromised, an adversary, who obtained the private key, cannot masquerade the server S and obtain the resulting session key.

4.

标签：keys,private,attack,session,compromise,key,Security,property,previous
来源： https://blog.csdn.net/weixin_44399975/article/details/121295154