Overview
New? Start here.
Value Creation
Sales Model
Governance Model
Delivery Model
Profile Model
Engagement Model
Revenue Recognition Model
Support Model
Concepts
What is SafeCDx?
Existing Standards as Foundations
Interoperability as a Fundamental Design Pillar
How a Connected Test gets registered and validated on the Platform
Smart Contracts, Consent, and Consent Enforcement
How an Actor gets registered and verified on the platform authenticated, authorized, and audited?
How is data exchange governed between Actors, Services, Applications, and Connectors?
How a Connected Test Transaction Works
Solution Guides
Embedded Connected Diagnostics
Care Automation
Return-to-Lab
At-Home Care
Novel Pathogen Early Detection
Primary Digital Care
Organization and Billing
Login to Safe Health
Organization Setup
Create Organization
Configure Organization
Workspace Setup
Configure Workspace
Create Workspace
Safe Health APIs
Create Service Account
How To
Make API Calls
Control API Access
Design
Architecture vs Design
Design Challenges
Design Goals
Standards Based Design
Data Standards
Design Patterns
Clinical Serialization Standards
Security Standards
Serialization Standards
Terminology Standards
Transport Standards
Stereographic Projection
Event-Driven Design
Cultural-Dependent Design
Service Interface Design
Contract-Based Design
Distributed Transaction Design
Testability Design
Code Generation Design
Science of Great User Experiences
Platform Architecture
CDx Conformance
CDX Model Conformance
CDX Server Conformance
CDX Registry Conformance
CDX Modeling Notation Conformance
CDX ESG Conformance
CDX Sidetree Conformance
Data
Bytes
Wire Protocol
Data Model
Spec Entity
Spec Clinical Entity
Spec Meta Model
Spec Clinical Meta Model
Spec Resources
Ontologies
Lifecycle
Network
Personal Area Network (PAN)
Local Area Network (LAN)
Wide Area Network (WAN)
Jurisdiction Area Network (JAN)
Transports
Transports
Transaction Management
gRPC
HTTP
GraphQL
Security
Our Approach to Security
Privacy
Consent-based Decryption
Performance
Threading Model
Extensibility
Interoperability
Systems
System of Record
Systems of Differentiation
Systems of Engagement
Configurations
Services
Connectors
Systems of Innovation
System Lifecycles
Value Planes
All Planes
Collapsed Planes
Customer Plane
Business Plane
Gateway Plane
Mesh Plane
Workload Plane
Data Plane
Event Plane
Profile Plane
Control Plane
Federation Plane
Hardware Plane
Network Plane
Physical Plane
Journeys
Actors
Users
Patients
Organization Representative
Providers
Partners
Service Accounts
System Owner Journey
System Developer Journey
System Governance Member Journey
System Consumer Journey
Patient Journey
Medical Device
Solutions
Applications
Block Chain
Visual Design
Glossary

Perfect Forward Secrecy (PFS)

Both Symmetric Encryption and Asymmetric Encryption have problems: one is Cheap but not Secure, the other one is Secure but not Cheap.

PFS combines Symmetric Encryption and Asymmetric Encryption in a way that makes it both Secure and Cheap. PFS is applied in various Transport Protocols and Message Protocols like HTTPS and SOAP.

A new Symmetric Key is created, which is used to Encrypt the data, which is Cheap.
The Symmetric Key is Encrypted with Asymmetric Encryption, which is Secure, and still Cheap because the Symmetric Key is quite small.
Both the Symmetric Encrypted data and the Asymmetrically Encrypted Symmetric Key are sent to the recipient.
The recipient will first decrypt the Symmetric Key key using Asymmetric Decryption and then use the Symmetric Key to decrypt the data.

Pages linking to this page

Title	Section
Encryption	fundamentals
Envelope Encryption	fundamentals
TLS	fundamentals