Twitter implements perfect forward secrecy in order to reduce traffic snooping

Twitter has implemented perfect forward secrecy on traffic to its website, in order to prevent communications from easily being captured and decrypted en masse. The new measure is one that clearly takes aim at the bulk data collection being done by the NSA.

[Twitter’s two-step authentication a good start, experts say]

While Twitter didn’t mention the NSA or other government agencies directly, it’s clear that the move was made as a direct response to the revelations that the NSA has been leeching data in bulk for years. Twitter isn’t alone with this endeavor, as Google implemented such a feature last year. For most firms, including Google, Yahoo, Twitter, Facebook, and Microsoft, it’s one thing to comply with a court order for data; it’s another thing entirely to find that the government has been harvesting it for years without your knowledge.

“Under traditional HTTPS, the client chooses a random session key, encrypts it using the server’s public key, and sends it over the network. Someone in possession of the server’s private key and some recorded traffic can decrypt the session key and use that to decrypt the entire session,” Twitter explained in a blog post.

With perfect forward secrecy, those in possession of encrypted data are prevented from easily decrypting it, even if they managed to obtain the secret key. This is because as each new communication session is established, perfect forward secrecy generates a new individual key to protect it. Thus, there is no master key to decrypt the encrypted sessions.

“Sites that use perfect forward secrecy can provide better security to users in cases where the encrypted data is being monitored and recorded by a third party. That particular threat may have once seemed unlikely, but we now know that the NSA does exactly this kind of long-term storage of at least some encrypted communications as they flow through telecommunications hubs,” the Electronic Frontier Foundation (EFF) explains in a document on the topic.

Over the summer, as the NSA’s questionable collection efforts were exposed by Edward Snowden. Since then, many of the Internet’s largest firms have fought to have the full scope of the data collection efforts they’re forced to comply with made publically available. To date, the government still maintains a gag order on full disclosure. So, while it’s only a stop-gap, perfect forward secrecy is the next best thing to strengthen the protections around data being harvested with little to no oversight.

[Twitter’s latest login security feature may be too complex for most users]

“A year and a half ago, Twitter was first served completely over HTTPS. Since then, it has become clearer and clearer how important that step was to protecting our users’ privacy… Security is an ever-changing world. Our work on deploying forward secrecy is just the latest way in which Twitter is trying to defend and protect the users voice in that world,” the company added.

The implementation of perfect forward secrecy will require some changes to Twitter’s server architecture, and may impose some slowdowns to data transmission. However, Twitter feels that the tradeoff between speed and secrecy is acceptable, and notes that the drop in speed would be barely noticeable for the most part. With the announcement, perfect forward secrecy has been enabled on all traffic on twitter.com, api.twitter.com, and mobile.twitter.com.

What perfect forward secrecy doesn’t do is protect stored data. It’s designed only for data that’s in motion. So Twitter still has to contend with that aspect of bulk collection and the legal requirements for compliance.

Twitter’s announcement is important when it comes to protecting communications online, but it isn’t the only valuable resource for perfect forward secrecy. If you’re an activist, journalist, or source, you should use Off-the-Record when communicating via Instant Message, as it uses perfect forward secrecy when sessions are established. Unfortunately, PGP does not, so if you require this, email isn’t an option yet.

In related news, Netcraft produced a report in June on the use of perfect forward secrecy, which noted that Internet Explorer did rather poorly when it comes to working with the protocol, and Safari wasn’t far behind. However, Firefox, Opera, and Chrome were all about equal when it came to support.

“Conspiracy theorists may be unsurprised that: Microsoft’s support for PFS is conspicuous by its absence across Internet Explorer, IIS, and some of its own web sites. Apple’s support for PFS in Safari is only slightly better; Russia, long-time target of US spies, is the home of the developer of Nginx, the web server which uses PFS most often; [and] almost all of the websites run by companies involved in the PRISM programme do not use PFS,” Netcraft reported.