Which statement defines forward secrecy?

Forward secrecy means the keys that encrypt a session are created for that session and are not tied to or saved with long-term keys. By using ephemeral key exchange (like ephemeral Diffie-Hellman), a unique session key is generated for each connection and discarded after the session ends. This way, even if the server’s long-term private key is compromised later, past communications remain unread because they were protected by session keys that were never derived from those long-term keys. The statement “session keys are not compromised if long-term keys are exposed” captures this idea. Reuse of captured data, downgrading to weaker protocols, or exploiting hardware weaknesses do not describe forward secrecy.