CompTIA Security+ (SY0-601) — Question 242

If a current private key is compromised, which of the following would ensure it cannot be used to decrypt all historical data?

Answer options

• A. Perfect forward secrecy
• B. Elliptic-curve cryptography
• C. Key stretching
• D. Homomorphic encryption

Correct answer: A

Explanation

Perfect forward secrecy ensures that even if a private key is compromised, past sessions remain secure as each session key is unique and derived independently. The other options, while they enhance security in various ways, do not prevent the risk of historical data being decrypted if the key is compromised.