Forward secrecy is seen as an important security feature by several large Internet information providers. Since late 2011, Google has provided forward secrecy with TLS by default to users of its Gmail service, along with Google Docs and encrypted search, among other services. Since November 2013, Twitter has provided forward secrecy with TLS to users of its service. As of December 2013, 46.7% of TLS-enabled websites support some of the cipher suites that provide forward secrecy.

Forward secrecy is obtained by generating new key material for each session, that is, generating an ephemeral key to be used for all messages of a conversation (e.g. by using a Diffie–Hellman key exchange). In a worst-case scenario (such as arrest with live forensics performed on the device to retrieve the current ephemeral key from memory), an adversary could only retroactively decode the ciphertext of the messages exchanged during that conversation, but none from previous conversations.

Public-key systems that generate random public keys per session for the purposes of key agreement, and that are not based on any sort of deterministic algorithm, demonstrate a property referred to as perfect forward secrecy. This means that the compromise of one message cannot lead to the compromise of others, and also that there is no single secret value which can lead to the compromise of multiple messages.

See also the Twitter blog post "Forward Secrecy at Twitter".