Perfect forward secrecy

In cryptography, perfect forward secrecy or PFS is a property of communication protocols that prevents retroactive compromise of communications.

For example, assume Alice and Bob have ongoing communication that involves both session keys, which change fairly often, and one or more long-term keys, which change less often. The long-term keys might be public keys used for authentication, or shared secrets. Further assume an enemy who has an archive of Alice and Bob's messages over some time period and who has compromised a long-term key. Clearly such a compromise allows him to attack the protocol with the goal of obtaining future session keys and reading future messages.

The interesting question is whether compromise of a long-term key also allows him to obtain old session keys and read messages in his archive. Perfect forward secrecy is a guarantee that this is impossible.
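The scenario above as an added sketch, not part of the original article: two constructed toy protocols share one long-term secret, and the enemy holds both the recorded traffic and that secret. The function names, the toy group 2**127 - 1 with base 3, and the use of HMAC-SHA256 are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group (assumption of this sketch): 2**127 - 1 is prime,
# but far too small for real use.
P, G = 2**127 - 1, 3

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def i2b(n: int) -> bytes:
    return n.to_bytes(16, "big")

def session_without_fs(long_term: bytes):
    """Session key is a function of the long-term secret and public nonces."""
    na, nb = secrets.token_bytes(16), secrets.token_bytes(16)
    archive = {"nonce_a": na, "nonce_b": nb}      # all the enemy records
    return mac(long_term, na + nb), archive

def session_with_fs(long_term: bytes):
    """Ephemeral DH; the long-term secret only authenticates the exchange."""
    x = secrets.randbelow(P - 2) + 1              # Alice's ephemeral exponent
    y = secrets.randbelow(P - 2) + 1              # Bob's ephemeral exponent
    gx, gy = pow(G, x, P), pow(G, y, P)
    archive = {"gx": gx, "gy": gy,
               "tag_a": mac(long_term, b"A" + i2b(gx)),
               "tag_b": mac(long_term, b"B" + i2b(gy))}
    key = hashlib.sha256(i2b(pow(gy, x, P))).digest()
    assert key == hashlib.sha256(i2b(pow(gx, y, P))).digest()  # Bob agrees
    return key, archive                           # x and y are discarded here

def attacker_recover(long_term: bytes, archive: dict):
    """The enemy: holds the archive plus the compromised long-term key."""
    if "nonce_a" in archive:
        # Everything the key depends on is in his hands: recompute it.
        return mac(long_term, archive["nonce_a"] + archive["nonce_b"])
    # Here the long-term key only lets him check who sent gx and gy.
    assert hmac.compare_digest(archive["tag_a"], mac(long_term, b"A" + i2b(archive["gx"])))
    # The session key needs x or y, which were never sent or stored; getting
    # it from gx and gy means solving Diffie-Hellman in the group.
    return None

if __name__ == "__main__":
    k = secrets.token_bytes(32)
    for make in (session_without_fs, session_with_fs):
        key, archive = make(k)
        print(make.__name__, "old session key recovered:", attacker_recover(k, archive) == key)
```

In the second protocol the long-term secret never enters the key derivation, which is why its later compromise says nothing about archived sessions.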