Perfect Forward Secrecy

In order to keep past communications safe, official Telegram clients will initiate re-keying once a key has been used to decrypt and encrypt more than 100 messages, or has been in use for more than one week, provided the key has been used to encrypt at least one message.

Old keys are then securely discarded and cannot be reconstructed, even with access to the new keys currently in use.

Any client participating in a Secret Chat can initiate re-keying as soon as it perceives that the current key has been used for too long or for encrypting too many messages. Please note that you should never initiate a new instance of the re-keying protocol while an uncompleted instance exists, whichever party initiated it.

Since all re-keying instances are carried over the secure channel established when the secret chat is created, it is only necessary for the user to confirm that no MITM attack has taken place during the initial exchange. Therefore, the key visualization in the clients always uses the first 128 bits of the SHA-1 of the original key created when the Secret Chat was first established.
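The rules above (the message-count and age triggers, the "at least one encrypted message" proviso, the ban on starting a second re-keying instance, and the fingerprint taken from the original key rather than the current one) as a small client-side policy model. This is an added illustration, not Telegram client code; the class, its field names and the reading that the proviso gates both triggers are assumptions made here.

```python
import hashlib
from dataclasses import dataclass

REKEY_MESSAGE_LIMIT = 100                # re-key once MORE than 100 messages were processed
REKEY_AGE_LIMIT_SECONDS = 7 * 24 * 3600  # re-key once the key is MORE than one week old


def visual_fingerprint(original_key: bytes) -> bytes:
    """Key visualization: first 128 bits of SHA-1 of the key from the initial exchange."""
    return hashlib.sha1(original_key).digest()[:16]


@dataclass
class SecretChatKeyState:
    """Hypothetical per-chat bookkeeping for the re-keying policy (not Telegram's code)."""
    original_key: bytes              # key created when the Secret Chat was established
    key_created_at: float            # time (seconds) the CURRENT key came into use
    encrypted: int = 0               # messages encrypted under the current key
    decrypted: int = 0               # messages decrypted under the current key
    rekey_in_progress: bool = False  # an uncompleted instance exists, started by either party

    def fingerprint(self) -> bytes:
        # Always derived from the original key, so it never changes across re-keyings.
        return visual_fingerprint(self.original_key)

    def should_initiate_rekey(self, now: float) -> bool:
        if self.rekey_in_progress:
            return False  # never start a new instance while one is uncompleted
        if self.encrypted == 0:
            return False  # assumption: the proviso applies to both triggers
        if self.encrypted + self.decrypted > REKEY_MESSAGE_LIMIT:
            return True
        return now - self.key_created_at > REKEY_AGE_LIMIT_SECONDS

    def note_rekey_started(self) -> None:
        """Record that either side has initiated a re-keying instance."""
        self.rekey_in_progress = True

    def note_rekey_completed(self, now: float) -> None:
        """Switch bookkeeping to the new key; the caller wipes the old key material."""
        self.rekey_in_progress = False
        self.key_created_at = now
        self.encrypted = 0
        self.decrypted = 0
```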


Wikipedia information about Forward Secrecy: Forward_secrecy