At the moment, information technology is dominated by two types of encryption: symmetric and asymmetric.
The basics of symmetric encryption are simple enough to understand. In essence, exactly the same key is used to encrypt and decrypt data.
Asymmetric encryption was invented to solve a problem that exists in symmetric encryption: transmitting the key over an insecure channel. It works as follows:
At the moment, SSL/TLS, the most commonly used application of asymmetric encryption for exchanging symmetric encryption keys, uses this exact model.
As the name suggests, end-to-end (e2e) encryption is a method of applying encryption in which data is encrypted for its recipient, which makes transferring that data through intermediaries or centralized servers relatively secure. Unlike classic, older models, in e2e encryption the message is encrypted not for an intermediary or server that forwards it to the recipient, but directly for the recipient. This greatly reduces the risk of data leakage but does not solve the problem of metadata leakage.
Put very briefly and simply, perfect forward secrecy (PFS) is a method of combining encryption algorithms so that encrypted data can no longer be decrypted once the receiver has successfully decrypted it. This is usually done with a one-time “session” key that is destroyed immediately after the encrypted data is successfully decrypted, which makes decryption impossible for a third party even if it obtains the underlying encryption keys held by both the sender and the receiver.
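The one-time session key property described above, as an added example that is not code from the original article: it uses X25519 from Go's standard library to compare a session key derived directly from long-term keys with one derived from one-time key pairs. The names `newKey`, `sessionKey` and `Compromise` are hypothetical, SHA-256 stands in for a proper KDF, and authentication of the one-time public keys with the long-term keys is assumed to happen elsewhere.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// newKey generates a fresh X25519 private key (hypothetical helper).
func newKey() *ecdh.PrivateKey {
	k, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// sessionKey derives a symmetric key from an X25519 exchange (SHA-256 stands in for a real KDF).
func sessionKey(priv *ecdh.PrivateKey, peer *ecdh.PublicKey) []byte {
	secret, err := priv.ECDH(peer)
	if err != nil {
		panic(err)
	}
	sum := sha256.Sum256(secret)
	return sum[:]
}

// Compromise reports whether stolen long-term keys plus recorded public values re-derive each session key.
func Compromise() (staticRecovered, ephemeralRecovered bool) {
	aliceLT, bobLT := newKey(), newKey() // long-term ("underlying") keys
	// Without PFS: the session key comes straight from the long-term keys.
	staticKey := sessionKey(aliceLT, bobLT.PublicKey())
	staticRecovered = bytes.Equal(sessionKey(bobLT, aliceLT.PublicKey()), staticKey)
	// With PFS: each side uses a one-time key pair for this session only.
	aliceEph, bobEph := newKey(), newKey()
	aliceEphPub, bobEphPub := aliceEph.PublicKey(), bobEph.PublicKey() // visible on the wire
	ephKey := sessionKey(aliceEph, bobEphPub)
	aliceEph, bobEph = nil, nil // references dropped; real code would also zero the key memory
	// The attacker now holds both long-term private keys and the recorded public keys.
	ephemeralRecovered = bytes.Equal(sessionKey(bobLT, aliceEphPub), ephKey) ||
		bytes.Equal(sessionKey(aliceLT, bobEphPub), ephKey)
	return
}

func main() {
	fmt.Println(Compromise()) // static recovered, ephemeral recovered
}
```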