Spy agency’s maths problem used to protect Twitter users
The company said that “perfect forward secrecy” (PFS) was now live on all its services, drastically increasing the effort required to intercept its traffic.
Jim Killock, director of the Open Rights Group, said it was a “policy move” driven by revelations about mass surveillance by the British security agency GCHQ and the American National Security Agency.
“Companies have now realised precisely how vulnerable their information is on the internet. It’s no longer a theoretical risk. We know it’s been going on now,” he said.
In June it was revealed that GCHQ was using a project called Tempora to scoop data from fibre optic cables entering and leaving the UK.
In standard encryption, each side of a communication generates paired keys — a public key telling others how to encrypt the messages a private one used to decode them when they arrive. The maths involved make it almost impossible to calculate the private key from the public one. But if an attacker acquires a company’s private key, it can read anything sent to and from that company’s servers.
PFS adds another stage where two machines collaborate on enormous sums to deduce a shared key which is never shared and never used again. That means an attacker would have to use a more complicated ‘man-in-the-middle’ strategy targeted at a single communication while it was still going on.
CONNECT WITH US TODAY
Be the first to know the latest news and updates
