Long Term Privacy with Forward Secrecy
This week, Google activated a web privacy feature called “forward secrecy”, becoming one of the first major sites on the web to put this protection in place. It’s an important step, and other sites should follow suit. In order to understand why enabling forward secrecy matters so much, it helps to know how HTTPS works in the first place.
HTTPS encrypts the requests that your browser makes to web servers, and then encrypts the pages that come back. That makes the exchanged messages incomprehensible to anybody in between, such as your ISP or an eavesdropper on the same network. Each web server has a secret key, and only somebody with that secret key can decrypt the messages.[1] That arrangement provides a basic layer of security against many online threats to your privacy.
(It’s worth noting that some websites that allow HTTPS connections don’t use them by default. To tell your browser to default to encrypted connections with over 1,000 sites, you can use our Firefox extension HTTPS Everywhere.)
Without forward secrecy enabled, every connection’s session key is protected only by the server’s long-term private key, so encrypted messages can be stored and decrypted with that key at any time. That can lead to major issues: if your traffic has been intercepted and recorded, and the web server’s key is ever compromised (stolen, leaked, or handed over), there’s no way to stop the attacker from decrypting and reading the old messages — even years later.
Forward secrecy is the way to address that threat. With forward secrecy enabled, the browser and server agree on each connection’s session key using short-lived key-exchange values (an ephemeral Diffie-Hellman exchange) that are discarded when the connection ends and are never stored; the server’s long-term key is used only to authenticate that exchange, not to protect the session key. That means that even if the secret key is compromised, only new traffic is at risk — an attacker holding the key can impersonate the server or intercept connections from that point on, but cannot go back and read recorded sessions — and if the web server operator detects the attack, they can revoke the old secret key and create a new one.
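To make the difference concrete, here is a small added model of the two handshakes (this is illustrative code written for this page, not Google’s or EFF’s implementation, and not the OpenSSL code discussed below). An eavesdropper records a session in each mode; later the server’s long-term private key leaks, and we check which recording it can decrypt. The non-forward-secret mode is modelled as a static Diffie-Hellman key the server reuses for every connection, which has exactly the property described above for the RSA key exchange (the long-term key recovers every session key) while keeping the code standard-library only; the forward-secret mode generates fresh Diffie-Hellman values per connection and throws them away. The group is the well-known 2048-bit MODP group from RFC 3526; the stream cipher, key derivation and sample request are toys constructed for the demonstration, and the server’s signature over its ephemeral value (which real TLS includes so the client can authenticate it) is omitted because it does not change what the eavesdropper can decrypt.

```python
"""Two handshakes, one eavesdropper: what a leaked long-term key can and cannot unlock."""
import hashlib
import hmac
import secrets

# RFC 3526 group 14: 2048-bit safe prime p = 2q + 1, generator 2.
P = int((
    "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74 "
    "020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437 "
    "4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED "
    "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05 "
    "98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB "
    "9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B "
    "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718 "
    "3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF"
).replace(" ", ""), 16)
G = 2
# Sanity check on the constant: 2 generates the prime-order subgroup, so 2^q == 1 (mod p).
assert pow(G, (P - 1) // 2, P) == 1, "group constant is corrupted"


def dh_keypair():
    """Private exponent x and public value g^x mod p (a 256-bit x is ample for this group)."""
    priv = secrets.randbits(256) | 1
    return priv, pow(G, priv, P)


def session_key(shared_secret, transcript):
    """Derive the traffic key from the DH result and the handshake transcript (toy KDF)."""
    return hashlib.sha256(shared_secret.to_bytes(256, "big") + transcript).digest()


def stream_xor(key, nonce, data):
    """Toy counter-mode stream cipher keyed by HMAC-SHA256 (no integrity; demo only)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), "sha256").digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def run_session(server_long_term_priv, plaintext, ephemeral):
    """Handshake plus one encrypted record. Returns only what a wire eavesdropper sees."""
    if ephemeral:
        s_priv, s_pub = dh_keypair()  # fresh per connection; dropped when this returns
    else:
        s_priv, s_pub = server_long_term_priv, pow(G, server_long_term_priv, P)
    c_priv, c_pub = dh_keypair()
    transcript = s_pub.to_bytes(256, "big") + c_pub.to_bytes(256, "big")
    client_key = session_key(pow(s_pub, c_priv, P), transcript)
    server_key = session_key(pow(c_pub, s_priv, P), transcript)
    assert client_key == server_key  # both ends agree on the key without ever sending it
    nonce = secrets.token_bytes(8)
    return {"server_pub": s_pub, "client_pub": c_pub, "nonce": nonce,
            "ciphertext": stream_xor(client_key, nonce, plaintext)}


def attacker_decrypt(recording, leaked_server_priv):
    """What an attacker can do with a stored recording once the long-term key leaks."""
    transcript = (recording["server_pub"].to_bytes(256, "big")
                  + recording["client_pub"].to_bytes(256, "big"))
    key = session_key(pow(recording["client_pub"], leaked_server_priv, P), transcript)
    return stream_xor(key, recording["nonce"], recording["ciphertext"])


def demo():
    """Return (static session readable?, ephemeral session readable?) after key compromise."""
    server_priv, _ = dh_keypair()  # the long-term key that lives in the server's key file
    # Constructed sample request; any bytes would do.
    request = b"GET /mail/inbox HTTP/1.1\r\nCookie: SID=example-session-cookie\r\n\r\n"
    static_rec = run_session(server_priv, request, ephemeral=False)
    ephemeral_rec = run_session(server_priv, request, ephemeral=True)
    # Years later the long-term private key is stolen and applied to the stored recordings.
    return (attacker_decrypt(static_rec, server_priv) == request,
            attacker_decrypt(ephemeral_rec, server_priv) == request)


if __name__ == "__main__":
    # prints: static key exchange readable: True, ephemeral DH readable: False
    print("static key exchange readable: %s, ephemeral DH readable: %s" % demo())
```

The recording in ephemeral mode is useless to the attacker because the only secrets that could unlock it, the two per-connection exponents, were discarded at the end of the session. Two practical caveats follow from the model: forward secrecy says nothing about connections made after the compromise, since a stolen key still lets the attacker impersonate the server until it is revoked; and the guarantee only holds if the server really does discard the session material, so long-lived session caches or session-ticket keys that can reconstruct old session keys quietly undo it.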
This technique is already in use in other cryptographic technologies. One popular example is the Off-The-Record (OTR) messaging protocol, co-developed by 2011 EFF Pioneer Award winner Ian Goldberg. Because it uses forward secrecy, instant messages exchanged using OTR can only be decrypted with the short-lived keys that exist while the conversation is taking place; once those keys are discarded, encrypted messages that were intercepted and stored can never again be unscrambled and read.
Other web sites have implemented HTTPS with forward secrecy before — we have it enabled by default on https://www.eff.org/ — but it hasn’t yet been rolled out on a site of Google’s scale. Some sites have publicly resisted implementing forward secrecy because the ephemeral key exchange is more CPU intensive than HTTPS with the conventional RSA key exchange (let alone plain HTTP). In order to address that problem, Google made performance improvements to the open source OpenSSL library, including faster elliptic-curve arithmetic, and has contributed those changes back to the library for anybody to use.
Forward secrecy is an important step forward for web privacy, and we encourage sites, big and small, to follow Google’s lead in enabling it!
[1] Technically, the web server’s secret key does not encrypt the pages directly. In the conventional HTTPS handshake, your browser picks a new random value, encrypts it with the server’s public key, and both sides derive a session key from it that is then used to encrypt the data. Only the server’s secret key can decrypt that value, so anyone who obtains the secret key can recover the session key from a recorded handshake and then decrypt the data.