[LINK] Perfect Forward Secrecy

Jim Birch planetjim at gmail.com
Mon Nov 25 09:39:18 AEDT 2013


I thought Twitter was for broadcasting to anyone willing to listen?

- Jim


On 23 November 2013 21:43, Frank O'Connor <francisoconnor3 at bigpond.com> wrote:

> Mmmm,
>
> Aside from the growing efficacy of brute force decryption and other
> methods made available by increasing CPU/GPU grunt, the key storage
> vulnerability is the one that was most worrying.
>
> And if major OS developers, server vendors and router vendors could be
> subverted (and there is increasing evidence to indicate that they have
> been) then the integrity of, and security surrounding, those keys is
> illusory.
>
> On another note ... I did some research in the early 90's on using PGP to
> provide secure e-mail for my employer. It was rejected (by DSD) because it
> was too secure ... they couldn't crack it. I'm wondering how they would go
> with it nowadays.
>
>                                                         Regards,
> ---
> On 23 Nov 2013, at 3:50 pm, stephen at melbpc.org.au wrote:
>
> > "Twitter tightens security against NSA snooping"
> >
> > The company calls on others to embrace 'perfect forward secrecy'
> >
> > By Martyn Williams (IDG News Service) 22 November, 2013
> >
> > http://www.arnnet.com.au/article/532682/twitter_tightens_security_against_nsa_snooping/
> >
> >
> > Twitter has implemented new security measures that should make it much
> > more difficult for anyone to eavesdrop on communications between its
> > servers and users, and is calling on other Internet companies to follow
> > its lead.
> >
> > The company has implemented "perfect forward secrecy" on its Web and
> > mobile platforms, it said Friday. The technology should make it
> > impossible for an organization to eavesdrop on encrypted traffic today
> > and decrypt it at some point in the future.
> >
> > At present, the encryption between a user and the server is based around
> > a secret key held on the server. The data exchange cannot be read but it
> > can be recorded in its encrypted form. Because of the way the encryption
> > works, it's possible to decrypt the data at some point in the future
> > should the server's secret key ever be obtained.
> >
> > With perfect forward secrecy, the data encryption is based on two
> > short-lived keys that cannot be later recovered even with the knowledge
> > of the server key, so the data remains secure.
> >
> > It's an important principle, because while encryption traffic is
> > difficult to break with current computer technology, innovations in
> > computing hardware and systems might make it easier to break in the
> > future. Perfect forward secrecy should ensure data remains secure no
> > matter the advances in computer technology.
> >
> > Twitter didn't provide a reason for the switch, but it did link to a blog
> > post by the Electronic Frontier Foundation that suggested the method be
> > used as a way to stop the National Security Agency (NSA) or another party
> > from snooping on Internet communications ..
> >
> > In a blog post introducing the new security, the company said it believes
> > it "should be the new normal for web service owners."
> >
> > "If you are a webmaster, we encourage you to implement HTTPS for your
> > site and make it the default. If you already offer HTTPS, ensure your
> > implementation is hardened with HTTP Strict Transport Security, secure
> > cookies, certificate pinning, and Forward Secrecy. The security gains
> > have never been more important to implement."
> >
> > It's important to note that while the technology safeguards against
> > eavesdropping, it won't affect the ability of law enforcement agencies to
> > obtain information from Twitter through conventional legal channels.
> > --
> >
> >
> > And:
> > https://www.eff.org/deeplinks/2013/08/pushing-perfect-forward-secrecy-important-web-privacy-protection
> >
> > Pushing for Perfect Forward Secrecy, an Important Web Privacy Protection
> >
> > When you access a Web site over an encrypted connection, you're using a
> > protocol called HTTPS. But not all HTTPS connections are created equal.
> > In the first few milliseconds after a browser connects securely to a
> > server, an important choice is made: the browser sends a list of
> > preferences for what kind of encryption it's willing to support, and the
> > server replies with a verification certificate and picks a choice for
> > encryption from the browser's list. These different encryption choices
> > are called "cipher suites."
> >
> > Most of the time, users don't have to worry about which suite the
> > browsers and servers are using, but in some cases it can make a big
> > difference.
> >
> > One important property is called "perfect forward secrecy," but only some
> > servers and only some browsers are configured to support it.
> >
> > Sites that use perfect forward secrecy can provide better security to
> > users in cases where the encrypted data is being monitored and recorded
> > by a third party. That particular threat may have once seemed unlikely,
> > but we now know that the NSA does exactly this kind of long-term storage
> > of at least some encrypted communications as they flow through
> > telecommunications hubs, in a collection effort it calls "upstream."
> >
> > How can perfect forward secrecy help protect user privacy against that
> > kind of threat?
> >
> > In order to understand that, it's helpful to have a basic idea of how
> > HTTPS works in general.
> >
> > Every Web server that uses HTTPS has its own secret key that it uses to
> > encrypt data that it sends to users. Specifically, it uses that secret
> > key to generate a new "session key" that only the server and the browser
> > know. Without that secret key, the traffic traveling back and forth
> > between the user and the server is incomprehensible, to the NSA and to
> > any other eavesdroppers.
> >
> > But imagine that some of that incomprehensible data is being recorded
> > anyway — as leaked NSA documents confirm the agency is doing.
> >
> > An eavesdropper who gets the secret key at any time in the future — even
> > years later — can use it to decrypt all of the stored data! That means
> > that the encrypted data, once stored, is only as secure as the secret
> > key, which may be vulnerable to compromised server security or
> > disclosure by the service provider.
> >
> > That's where perfect forward secrecy comes in.
> >
> > When an encrypted connection uses perfect forward secrecy, that means
> > that the session keys the server generates are truly ephemeral, and even
> > somebody with access to the secret key can't later derive the relevant
> > session key that would allow her to decrypt any particular HTTPS session.
> >
> > So intercepted encrypted data is protected from prying eyes long into the
> > future, even if the website's secret key is later compromised.
> >
> > It's important to note that no flavor of HTTPS, on its own, will protect
> > the data once it's on the server.
> >
> > Web services should definitely take precautions to protect that data,
> > too. Services should give user data the strongest legal protection
> > possible, and minimize what they collect and store in the first place.
> > But against the known threat of "upstream" data collection, supporting
> > perfect forward secrecy is an essential step.
> >
> > So who protects long-term privacy by supporting perfect forward secrecy?
> >
> > Unfortunately, it's not a very long list — but it's growing. Google made
> > headlines when it became the first major web player to enable the feature
> > in November of 2011. Facebook announced last month that, as part of
> > security efforts that included turning on HTTPS by default for all users,
> > it would enable perfect forward secrecy soon.
> >
> > And while it doesn't serve the same volume as those other sites,
> > www.eff.org is also configured to use perfect forward secrecy.
> >
> > Outside of the web, emails encrypted using the OpenPGP standard do not
> > have forward secrecy, but instant messages (or text messages) encrypted
> > using the OTR protocol do.
> >
> > Supporting the right cipher suites — and today, for the Web, that means
> > ones that support perfect forward secrecy — is an important component of
> > doing security correctly.
> >
> > But sites may need encouragement from users because, like HTTPS
> > generally, supporting perfect forward secrecy doesn't come completely
> > without a cost.
> >
> > In particular, it requires more computational resources to calculate the
> > truly ephemeral session keys required.
> >
> > It may not be as obvious a step as simply enabling HTTPS, but turning on
> > perfect forward secrecy is an important improvement that protects users.
> > More sites should enable it, and more users should demand it of the sites
> > they trust with their private data.
> >
> > _______________________________________________
> > Link mailing list
> > Link at mailman.anu.edu.au
> > http://mailman.anu.edu.au/mailman/listinfo/link
>
>
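
The contrast the quoted EFF article draws, between a session key that depends on the server's long-term secret key and session keys that are truly ephemeral, shown as an added example that is not part of the original thread or of either quoted article. It records one session of each kind and then applies a leaked long-term key to the recordings. All parameters are constructed toy values and every function name is hypothetical; this is neither real TLS nor secure cryptography.

```python
# Added illustration with constructed toy parameters: not real TLS, not secure.
import hashlib
import secrets

# Constructed long-term server RSA key (toy size: product of two Mersenne primes).
RSA_N = (2**61 - 1) * (2**89 - 1)
RSA_E = 65537
RSA_D = pow(RSA_E, -1, (2**61 - 2) * (2**89 - 2))  # the server's long-term secret
# Constructed Diffie-Hellman group (toy size).
DH_P, DH_G = 2**127 - 1, 3

def seal(key: int, msg: bytes) -> dict:
    """Toy cipher: XOR with a SHA-256 keystream, plus a tag to check a guessed key."""
    stream = b"".join(hashlib.sha256(f"{key}:{i}".encode()).digest()
                      for i in range(len(msg) // 32 + 1))
    ct = bytes(m ^ s for m, s in zip(msg, stream))
    return {"ciphertext": ct, "tag": hashlib.sha256(f"tag:{key}".encode() + ct).digest()}

def open_sealed(key: int, rec: dict):
    """Return the plaintext if key matches the recorded tag, else None."""
    ct = rec["ciphertext"]
    if hashlib.sha256(f"tag:{key}".encode() + ct).digest() != rec["tag"]:
        return None
    return seal(key, ct)["ciphertext"]  # the XOR keystream is its own inverse

def record_static_session(msg: bytes) -> dict:
    """No forward secrecy: the session key travels encrypted under the long-term key."""
    session_key = secrets.randbelow(RSA_N - 2) + 2
    return {"wrapped_key": pow(session_key, RSA_E, RSA_N), **seal(session_key, msg)}

def record_ephemeral_session(msg: bytes) -> dict:
    """Forward secrecy: throwaway DH secrets; the long-term key only signs."""
    a = secrets.randbelow(DH_P - 3) + 2      # browser's ephemeral secret, discarded
    b = secrets.randbelow(DH_P - 3) + 2      # server's ephemeral secret, discarded
    client_pub, server_pub = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    session_key = pow(server_pub, a, DH_P)   # equals pow(client_pub, b, DH_P)
    return {"client_pub": client_pub, "server_pub": server_pub,
            "server_sig": pow(server_pub, RSA_D, RSA_N), **seal(session_key, msg)}

def decrypt_after_key_leak(recording: dict, leaked_d: int):
    """Apply the leaked long-term key to every number in a recorded session."""
    for value in recording.values():
        if isinstance(value, int):
            plaintext = open_sealed(pow(value, leaked_d, RSA_N), recording)
            if plaintext is not None:
                return plaintext
    return None
```

In the ephemeral recording the long-term key appears only in `server_sig`, which authenticates the server's share and can be checked by anyone with the public key, so its later disclosure yields no session key.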
