What Is Perfect Forward Secrecy and How to Enable It

Reading time: 7 min read
Maxym Chekalov
Written by
Maxym Chekalov

Updated · Nov 17, 2023

Maxym Chekalov
SEO Specialist | Joined June 2023 | LinkedIn
Maxym Chekalov

With a master's degree in telecommunications and over 15 years of working experience in telecommunic... | See full bio

Florence Desiata
Edited by
Florence Desiata


Florence Desiata
Joined June 2023 | LinkedIn
Florence Desiata

Florence is a dedicated wordsmith on a mission to make technology-related topics easy-to-understand.... | See full bio

Techjury is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more.

If you plan on using TLS/SSL connections, ensuring the security of session keys is crucial, even if the private key becomes compromised.

Perfect Forward Secrecy (PFS) comes to the rescue by allowing control over the encryption keys, preventing attackers from accessing previous messages.

Read on to understand perfect forward secrecy (PFS) and how to enable it to your advantage.

Key Takeaways:

  • Perfect forward secrecy protects past messages through encryption.
  • Enabling PFS makes it harder for hackers to look into past or future sessions.
  • Data can only be decrypted using the original key of the server.

Enabling Perfect Forward Secrecy

Perfect Forward Secrecy (PFS) is an encryption scheme that changes the keys to encrypt and decrypt information. 

It also prohibits hackers from decrypting data from previous or future sessions, even if they steal at some point the private keys used in an individual session.

What is a private key?

A private key, also called a secret key, is a cryptographic variable used with an algorithm to encrypt and decrypt data. Only those parties with permission to decode the data should have access to secret keys.

As a result, hackers cannot access the session key through decryption without first interacting with the key negotiation and exchange process. This requires significantly more work than other cyber attack methods.

All major web browsers support PFS. Google has been using it for years with Gmail, and Apple made it within iOS a requirement on the App Store in 2017. 

As more companies force customer adoption, the growth of PFS is expected to continue. Understanding how perfect forward secrecy works can help you secure past and future communications.

Understanding How Perfect Forward Secrecy Works

Implementing perfect forward secrecy is one technique to reduce the risks of a stolen server's private key. 

It overcame its vulnerabilities using a key exchange algorithm called Ephemeral Diffie-Hellman (DHE) or the Ephemeral Elliptic Curve Diffie-Hellman (ECDHE).

If the client wants to communicate with the server, they generate a pre-primary secret and encrypt it with the server's special key. The rest of the conversation is encrypted with this pre-primary secret key by both users.


The only people who can decrypt what the client and server discussed are those who know the original key of the server. 

When malicious actors try to attack, they can only read data related to a certain exchange if they recover the private keys for that exchange. 

Due to the intricacy of the mathematical calculations involved in producing a single session key, even a brute-force attack to hack the key cannot be performed efficiently.


Without PFS, malicious actors can spy on the server's communication without being detected. The reason is that the server uses the same key to encrypt each pre-primary secret with each client.

One of the benefits of Perfect Forward Secrecy is that it gives significantly superior protection by generating unique session keys for each transaction. 

Even if a hacker obtains a private key for a transaction, they can only view that exchange's data.

PFS decreases the amount of information vulnerable if a hack is successful, reducing the likelihood of hackers attempting to access secure data on the server. 

If the hackers successfully crack the private key, the work required may be insufficient for the limited data they can access. 

Good to know!

Implementing Perfect Forward Secrecy (PFS) with Ephemeral Diffie-Hellman or Ephemeral Elliptic Curve Diffie-Hellman key exchange ensures that even if a hacker manages to crack the private key, the effort required may not be worth the limited data they can access, making servers with PFS less attractive targets for cyberattacks.

However, while there is no guarantee that no one will try to obtain unauthorized access to your servers, it makes you a less attractive target.

NGINX Configuration

NGINX is open-source software that you can use for the following:

  • web serving, 
  • reverse proxying,
  • caching, 
  • media streaming, and 
  • load balancing, among others. 

It began as a web server intended for maximum stability and performance.

Your web server and SSL/TLS library should support Elliptic Curve cryptography (ECC) before configuring your NGINX server for Forward Secrecy. 

It is a technique used to secure applications and can reduce their computational impact.

The ECC is a smaller key that can provide security for devices with low computational resources and memory.

Here is how you enable PFS through NGINX:

Step 1: Locate your SSL configuration, assuming that /etc/nginx is the base directory.

grep -r ssl_protocol /etc/nginx

  • The command will project the available Server Blocks.
  • Open the Server Block for which Forward Secrecy is enabled.

Step 2: Add these lines to the configuration.

ssl_protocols TLSv1.2 TLSv1.1 TLSv1;

ssl_prefer_server_ciphers on;

Step 3: Set the SSL cipher depending on your browser's compatibility. You have plenty to choose from, but the cipher currently recommended is:


Step 4: Using this, restart Nginx:

sudo service nginx restart

Step 5: Use Discovery to test your configuration to ensure that Forward Secrecy is enabled.

Step 6: After this, you have now successfully set Forward Secrecy.

Compared to other web servers, NGINX is more secure and has a smaller codebase. A web server and a reverse proxy server can be used with NGINX.


Apache Configuration

Apache is the web server that handles HTTP requests and serves online assets and information. 

It is frequently used with the following:

  • MySQL database engine, 
  • the PHP scripting language, and 
  • other popular scripting languages like Python and Perl.

Here is how you enable PFS through Apache:

Step 1: Locate your SSL protocol configuration using this

grep -i -r "SSLEngine" /etc/apache

  • The command will project the available Virtual Hosts.
  • Open the Virtual Host for which Forward Secrecy is enabled.

Step 2: Add these lines to the configuration.

SSLProtocol all -SSLv2 -SSLv3

SSLHonorCipherOrder on

Step 3: Set the SSL cipher:


Step 4: Using this, restart Apache:

apachectl -k restart

Step 5: Use Discovery to test your configuration to ensure that Forward Secrecy is enabled.

Step 6: After this, you have now successfully set Forward Secrecy.

Your server must prioritize certain security methods for them to work. If the server prioritizes another form of security, that's the one that will be used. 

If you adopt perfect forward secrecy, you should disable all other security methods. This is due to an SSL/TLS vulnerability known as the FREAK Attack.

What is a FREAK Attack?

A FREAK (Factoring RSA Export Keys) attack was a security vulnerability that affected some SSL/TLS implementations. It was discovered in 2015 but has since been mitigated. 

Attackers can exploit the vulnerability to intercept HTTPS connections between susceptible clients and servers and force them to utilize 'export-grade' cryptography, which can then be decrypted or manipulated.

It is also important to disable lengthy duration session IDs or session tickets. These retain session-related information for extended periods after the user's session. 

Sometimes, session tickets may remain in a server's memory until the system is rebooted.

The PFS offers security so one's right to private correspondence is not violated.

The Importance of Perfect Forward Secrecy

In an ideal world where every organization or person follows secure key management best practices, PFS is unnecessary, and forward secrecy would have been fine. 

However, since cyber criminals are on the hunt to find more sophisticated ways to get people's private keys to decrypt data from previously intercepted sessions, then it means that the server's private keys are susceptible to compromise.

Perfect forward secrecy protects future compromises of secret keys or passwords from previous sessions.

It also ensures that previously recorded and encrypted sessions and communications cannot be accessed and decrypted in the future by an attacker who compromises long-term secret keys.

This is why decrypting PFS is only through installing an agent on the server or routing traffic through a set of TLS inspection devices.

Good to Know!

Perfect Forward Secrecy (PFS) safeguards against future decryption of previously recorded sessions and communications by attackers, protecting secret keys or passwords from compromise and ensuring data remains secure even if server private keys are breached.


Before, implementation complexity was a barrier to establishing perfect forward secrecy. Implementing modern load balancers and other packaged solutions is easier than ever.

With an ECC certificate to negotiate fast SSL/TLS encryption with PFS and an RSA certificate as a backup for compatibility with older browsers, it can optimally implement PFS.

Using PFS will help secure past and future sessions. Not only will it secure current sessions, but it also secures the past and the future.


What is the Difference Between Forward Secrecy vs Perfect Forward Secrecy?

Perfect Forward Secrecy is a protocol or system feature that ensures that an unauthorized individual who acquires the private key cannot decrypt the session keys. On the other hand, Forward Secrecy is the property of individual sessions that ensures that an eavesdropper who acquires the session key material does not have access to session keys.

Can I avoid using Perfect Forward Secrecy?

Without perfect forward secrecy, a malicious actor can spy stealthily on your server’s communications because the server uses the same key to encrypt the client’s pre-primary secret.

Which method provides PFS?

A cryptographic protocol achieves perfect forward secrecy if the compromise of long-term keys does not allow a malicious attacker to access past session keys.


Facebook LinkedIn Twitter
Leave your comment

Your email address will not be published.