{"id":4181,"date":"2020-10-30T20:17:36","date_gmt":"2020-10-30T19:17:36","guid":{"rendered":"https:\/\/webhosting.de\/perfect-forward-secrecy-zukunftssichere-verschluesselung-fuer-webseiten\/"},"modified":"2020-10-30T20:17:36","modified_gmt":"2020-10-30T19:17:36","slug":"perfect-forward-secrecy-future-proof-encryption-for-websites","status":"publish","type":"post","link":"https:\/\/webhosting.de\/da\/perfect-forward-secrecy-zukunftssichere-verschluesselung-fuer-webseiten\/","title":{"rendered":"Perfect Forward Secrecy: future-proof encryption for websites"},"content":{"rendered":"<p>The revelations of whistleblower Edward Snowden have shown that the NSA collects <a href=\"https:\/\/webhosting.de\/da\/personenbezogene-daten-sozialen-netzwerken\/\">data<\/a> en masse. Although it cannot decrypt some of that information today, this may become possible in the future. Webmasters can protect themselves and their visitors today against decryption tomorrow.<\/p>\n<p>Edward Snowden has shown the world that no data is safe from the intelligence services. They collect (as a precaution) all the information they come across. Some of this data is encrypted, for example via an HTTPS connection. This includes websites on which sensitive data is transmitted, such as when buying a product, logging in to an e-mail account or using online banking. All of this data is intercepted even though it is useless today. In a few years, the intelligence services could decrypt it.<\/p>\n<h2>The vulnerability of HTTPS<\/h2>\n<p>What exactly is Perfect Forward Secrecy, or PFS for short? 
To explain the term, it is first necessary to explain how SSL encryption works, which is used on websites where sensitive data is transmitted.<\/p>\n<p>When you visit our <a href=\"https:\/\/webhosting.de\/da\/eine-eigene-webseite-fuer-ihr-unternehmen-ja-oder-nein\/\">website<\/a> hoster.online, a small padlock is visible in the address bar of the web browser. Clicking the padlock opens information about the SSL certificate. With one more click you can view details of the <a href=\"https:\/\/webhosting.de\/da\/plesk-letsencrypt-zertifikat-erstellen\/\">certificate<\/a>, including, for example, its expiry date.<\/p>\n<p>SSL certificates can be used by practically any website. They differ in<\/p>\n<p>- their encryption<br \/>\n- whether they validate the domain or the identity, and<br \/>\n- how high their browser compatibility is.<\/p>\n<p>In addition, there are three types of certificate:<\/p>\n<p>1. single<br \/>\n2. wildcard<br \/>\n3. multi-domain<\/p>\n<p>The SSL certificate works as follows: the user browses to a website, for example hoster.online. The browser contacts the server, which supplies a public key issued by the certificate authority. The browser checks the certificate authority's signature. If it is correct, the browser exchanges data with hoster.online. From then on, all data is transmitted in encrypted form.<\/p>\n<h2>Perfect Forward Secrecy as protection against tomorrow's methods<\/h2>\n<p>For the encrypted transmission of an HTTPS session, the browser proposes a secret session key each time. The server confirms this key.<\/p>\n<p>The problem with this method is that intelligence services such as the NSA can record the transmission of the key. In the foreseeable future it will be possible to decrypt it. 
This would allow them to read all the data transmitted on hoster.online.<\/p>\n<p>There have already been problems with HTTPS in the past. The Heartbleed bug, which has exposed websites to major security vulnerabilities since 2011, affected two out of three websites on the internet. Heartbleed was a programming error in the OpenSSL software. It gave hackers who were connected via HTTPS to a server running a vulnerable version of OpenSSL access to 64 KB of private memory. The attack caused servers to leak cookies, passwords and e-mail addresses. Major services such as Yahoo Mail and LastPass were affected.<\/p>\n<p>The solution for such scenarios is Perfect Forward Secrecy: using the so-called Diffie-Hellman method, the two communication partners, in this case web browser and server, agree on a temporary session key. This key is never transmitted at any point. As soon as the session has ended, the key is destroyed.<\/p>\n<h2>PFS in practice and in the future<\/h2>\n<p>Unfortunately, there are two pieces of bad news:<\/p>\n<p>1. Only a few websites currently use PFS.<br \/>\n2. All data exchanged so far can no longer be encrypted.<\/p>\n<p>Nevertheless, websites should at least implement Perfect Forward Secrecy from now on, to ensure that no data can sooner or later be read despite encryption.<\/p>\n<p>To implement PFS, Ivan Ristic of Security Labs recommends the following suites:<\/p>\n<p>- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA<br \/>\n- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA<br \/>\n- TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA<\/p>\n<p>Webmasters can test their website at ssllabs.com and then decide on appropriate measures.<\/p>\n<p>After the introduction of Perfect Forward Secrecy, services such as the NSA and BND can read data only by means of man-in-the-middle attacks. 
In all other cases, PFS will be a major thorn in the side of eavesdroppers.<\/p>","protected":false},"excerpt":{"rendered":"<p>The revelations of whistleblower Edward Snowden have shown that the NSA collects data en masse. Although it cannot decrypt part of that information today, this might become possible in the future. Webmasters can protect themselves and their visitors today against decryption tomorrow. Edward Snowden has shown the world that no data is safe from the intelligence services [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":503,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_crdt_document":"","inline_featured_image":false,"footnotes":""},"categories":[673,794],"tags":[186,187],"class_list":["post-4181","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-computer_und_internet","category-sicherheit-computer_und_internet","tag-perfect-forward-secrecy","tag-pfs"],"acf":[],"_wp_attached_file":null,"_wp_attachment_metadata":null,"litespeed-optimize-size":null,"litespeed-optimize-set":null,"_elementor_source_image_hash":null,"_wp_attachment_image_alt":null,"stockpack_author_name":null,"stockpack_author_url":null,"stockpack_provider":null,"stockpack_image_url":null,"stockpack_license":null,"stockpack_license_url":null,"stockpack_modification":null,"color":null,"original_id":null,"original_url":null,"original_link":null,"unsplash_location":null,"unsplash_sponsor":null,"unsplash_exif":null,"unsplash_attachment_metadata":null,"_elementor_is_screenshot":null,"surfer_file_name":null,"surfer_file_original_url":null,"envato_tk_source_kit":null,"envato_tk_source_index":null,"envato_tk_manifest":null,"envato_tk_folder_name":null,"envato_tk_builder":null,"envato_elements_download_event":null,"_menu_item_type":null,"_menu_item_menu_item_parent":null,"_menu_item_obj
ect_id":null,"_menu_item_object":null,"_menu_item_target":null,"_menu_item_classes":null,"_menu_item_xfn":null,"_menu_item_url":null,"_trp_menu_languages":null,"rank_math_primary_category":null,"rank_math_title":null,"inline_featured_image":null,"_yoast_wpseo_primary_category":null,"rank_math_schema_blogposting":null,"rank_math_schema_videoobject":null,"_oembed_049c719bc4a9f89deaead66a7da9fddc":null,"_oembed_time_049c719bc4a9f89deaead66a7da9fddc":null,"_yoast_wpseo_focuskw":"","_yoast_wpseo_linkdex":null,"_oembed_27e3473bf8bec795fbeb3a9d38489348":null,"_oembed_c3b0f6959478faf92a1f343d8f96b19e":null,"_trp_translated_slug_en_us":null,"_wp_desired_post_slug":null,"_yoast_wpseo_title":null,"tldname":null,"tldpreis":null,"tldrubrik":null,"tldpolicylink":null,"tldsize":null,"tldregistrierungsdauer":null,"tldtransfer":null,"tldwhoisprivacy":null,"tldregistrarchange":null,"tldregistrantchange":null,"tldwhoisupdate":null,"tldnameserverupdate":null,"tlddeletesofort":null,"tlddeleteexpire":null,"tldumlaute":null,"tldrestore":null,"tldsubcategory":null,"tldbildname":null,"tldbildurl":null,"tldclean":null,"tldcategory":null,"tldpolicy":null,"tldbesonderheiten":null,"tld_bedeutung":null,"_oembed_d167040d816d8f94c072940c8009f5f8":null,"_oembed_b0a0fa59ef14f8870da2c63f2027d064":null,"_oembed_4792fa4dfb2a8f09ab950a73b7f313ba":null,"_oembed_33ceb1fe54a8ab775d9410abf699878d":null,"_oembed_fd7014d14d919b45ec004937c0db9335":null,"_oembed_21a029d076783ec3e8042698c351bd7e":null,"_oembed_be5ea8a0c7b18e658f08cc571a909452":null,"_oembed_a9ca7a298b19f9b48ec5914e010294d2":null,"_oembed_f8db6b27d08a2bb1f920e7647808899a":null,"_oembed_168ebde5096e77d8a89326519af9e022":null,"_oembed_cdb76f1b345b42743edfe25481b6f98f":null,"_oembed_87b0613611ae54e86e8864265404b0a1":null,"_oembed_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_oembed_time_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_tldname":null,"_tldclean":null,"_tldpreis":null,"_tldcategory":null,"_tldsubcategory":null,"_tldpolicy":null,"_tldpolicylink":nul
l,"_tldsize":null,"_tldregistrierungsdauer":null,"_tldtransfer":null,"_tldwhoisprivacy":null,"_tldregistrarchange":null,"_tldregistrantchange":null,"_tldwhoisupdate":null,"_tldnameserverupdate":null,"_tlddeletesofort":null,"_tlddeleteexpire":null,"_tldumlaute":null,"_tldrestore":null,"_tldbildname":null,"_tldbildurl":null,"_tld_bedeutung":null,"_tldbesonderheiten":null,"_oembed_ad96e4112edb9f8ffa35731d4098bc6b":null,"_oembed_8357e2b8a2575c74ed5978f262a10126":null,"_oembed_3d5fea5103dd0d22ec5d6a33eff7f863":null,"_eael_widget_elements":null,"_oembed_0d8a206f09633e3d62b95a15a4dd0487":null,"_oembed_time_0d8a206f09633e3d62b95a15a4dd0487":null,"_aioseo_description":null,"_eb_attr":null,"_eb_data_table":null,"_oembed_819a879e7da16dd629cfd15a97334c8a":null,"_oembed_time_819a879e7da16dd629cfd15a97334c8a":null,"_acf_changed":null,"_wpcode_auto_insert":null,"_edit_last":null,"_edit_lock":null,"_oembed_e7b913c6c84084ed9702cb4feb012ddd":null,"_oembed_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_time_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_03514b67990db061d7c4672de26dc514":null,"_oembed_time_03514b67990db061d7c4672de26dc514":null,"rank_math_news_sitemap_robots":"index","rank_math_robots":["index"],"_eael_post_view_count":"4607","_trp_automatically_translated_slug_ru_ru":null,"_trp_automatically_translated_slug_et":"perfect-forward-secrecy-future-proof-encryption-for-websites","_trp_automatically_translated_slug_lv":"perfekts-forward-secrecy-forward-forward-secrecy-future-proof-encryption-for-websites","_trp_automatically_translated_slug_fr_fr":null,"_trp_automatically_translated_slug_en_us":null,"_wp_old_slug":null,"_trp_automatically_translated_slug_da_dk":null,"_trp_automatically_translated_slug_pl_pl":null,"_trp_automatically_translated_slug_es_es":null,"_trp_automatically_translated_slug_hu_hu":null,"_trp_automatically_translated_slug_fi":"taeydellinen-ennakointisalaisuus-tulevaisuuden-varma-salaus-verkkosivustoille","_trp_automatically_translated_slug_ja":"%e3%82%
a6%e3%82%a7%e3%83%96%e3%82%b5%e3%82%a4%e3%83%88%e3%81%ae%e3%81%9f%e3%82%81%e3%81%ae%e5%ae%8c%e5%85%a8%e3%81%aa%e5%89%8d%e6%96%b9%e7%a7%98%e5%af%86%e6%9c%aa%e6%9d%a5%e3%81%ae%e5%ae%89%e5%85%a8","_trp_automatically_translated_slug_lt_lt":null,"_elementor_edit_mode":null,"_elementor_template_type":null,"_elementor_version":null,"_elementor_pro_version":null,"_wp_page_template":"default","_elementor_page_settings":null,"_elementor_data":null,"_elementor_css":null,"_elementor_conditions":null,"_happyaddons_elements_cache":null,"_oembed_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_time_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_3efb2c3e76a18143e7207993a2a6939a":null,"_oembed_time_3efb2c3e76a18143e7207993a2a6939a":null,"_oembed_59808117857ddf57e478a31d79f76e4d":null,"_oembed_time_59808117857ddf57e478a31d79f76e4d":null,"_oembed_965c5b49aa8d22ce37dfb3bde0268600":null,"_oembed_time_965c5b49aa8d22ce37dfb3bde0268600":null,"_oembed_81002f7ee3604f645db4ebcfd1912acf":null,"_oembed_time_81002f7ee3604f645db4ebcfd1912acf":null,"_elementor_screenshot":null,"_oembed_7ea3429961cf98fa85da9747683af827":null,"_oembed_time_7ea3429961cf98fa85da9747683af827":null,"_elementor_controls_usage":null,"_elementor_page_assets":[],"_elementor_screenshot_failed":null,"theplus_transient_widgets":["tp-video-player"],"_eael_custom_js":null,"_wp_old_date":null,"_trp_automatically_translated_slug_it_it":null,"_trp_automatically_translated_slug_pt_pt":null,"_trp_automatically_translated_slug_zh_cn":null,"_trp_automatically_translated_slug_nl_nl":null,"_trp_automatically_translated_slug_pt_br":null,"_trp_automatically_translated_slug_sv_se":null,"rank_math_analytic_object_id":"1021","rank_math_internal_links_processed":null,"_trp_automatically_translated_slug_ro_ro":null,"_trp_automatically_translated_slug_sk_sk":null,"_trp_automatically_translated_slug_bg_bg":null,"_trp_automatically_translated_slug_sl_si":null,"litespeed_vpi_list":["webhostinglogo.png"],"litespeed_vpi_list_mobile":["webhostinglogo.
png"],"rank_math_seo_score":null,"rank_math_contentai_score":null,"ilj_limitincominglinks":null,"ilj_maxincominglinks":null,"ilj_limitoutgoinglinks":null,"ilj_maxoutgoinglinks":null,"ilj_limitlinksperparagraph":null,"ilj_linksperparagraph":null,"ilj_blacklistdefinition":null,"ilj_linkdefinition":["perfect forward secrecy: zukunftssichere verschl\u00fcsselung f\u00fcr webseiten"],"_eb_reusable_block_ids":[],"rank_math_focus_keyword":null,"rank_math_og_content_image":null,"_yoast_wpseo_metadesc":"","_yoast_wpseo_content_score":null,"_yoast_wpseo_focuskeywords":null,"_yoast_wpseo_keywordsynonyms":null,"_yoast_wpseo_estimated-reading-time-minutes":null,"rank_math_description":null,"surfer_last_post_update":null,"surfer_last_post_update_direction":null,"surfer_keywords":null,"surfer_location":null,"surfer_draft_id":null,"surfer_permalink_hash":null,"surfer_scrape_ready":null,"_thumbnail_id":"503","footnotes":null,"_links":{"self":[{"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/posts\/4181","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/comments?post=4181"}],"version-history":[{"count":0,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/posts\/4181\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/media\/503"}],"wp:attachment":[{"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/media?parent=4181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/categories?post=4181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/tags?post=4181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.o
rg\/{rel}","templated":true}]}}