Perfect Forward Secrecy: Future-proof encryption for websites

The revelations of whistleblower Edward Snowden have shown that the NSA collects data en masse. Although it cannot decipher some of that information today, it may be able to in the future. Webmasters can protect themselves and their visitors today from tomorrow's decryption.

Edward Snowden has shown the world that no data is safe from the secret services. They collect, as a precaution, all information that comes their way. Some of this data is encrypted, for example because it was sent over an HTTPS connection: websites where sensitive data is transmitted, such as buying a product, logging into an e-mail account or using online banking. All of this data is intercepted, even though it is useless today. In a few years, the secret services could decode it.

The vulnerability of HTTPS

What exactly is Perfect Forward Secrecy, PFS for short? To explain the term, it is first necessary to explain how SSL encryption works, the encryption used on websites where sensitive data is transferred.

When visiting our website hoster.online, a small lock is visible in the address bar of the web browser. Clicking on the lock opens information about the SSL certificate; another click shows details of the certificate, for example its expiration date.

SSL certificates can be used by virtually any website. The differences lie in

- the encryption they support
- whether they validate only the domain or also the identity of its owner, and
- how broad their browser compatibility is.

There are also three types of certificates:

1. single
2. wildcard
3. multi-domain

The SSL certificate works as follows: the user surfs to a website, for example hoster.online. The browser contacts the server, which presents its public key in a certificate issued by a certification authority. The browser checks the signature of the certification authority. If it is valid, the browser exchanges data with hoster.online, and from then on all data is transmitted encrypted.

Perfect Forward Secrecy as protection against the methods of tomorrow

For the encrypted transmission of an HTTPS session, the browser proposes a secret session key each time, and the server confirms this key.

The problem with this method is that secret services such as the NSA can record the transmission of the key. In the foreseeable future it might become possible to decrypt it, which would let them read all data transferred to hoster.online.

There have been problems with HTTPS in the past. The Heartbleed bug, which had exposed websites to serious security vulnerabilities since 2011, affected two out of three websites on the Internet. Heartbleed was a programming error in the OpenSSL software. It gave attackers who connected over HTTPS to a server running a vulnerable version of OpenSSL access to 64 KB of the server's private memory. The attack caused servers to leak cookies, passwords and e-mail addresses. Large services such as Yahoo Mail and LastPass were affected.

The solution for such scenarios is Perfect Forward Secrecy: with the so-called Diffie-Hellman method, the two communication partners, in this case web browser and server, agree on a temporary session key. The key itself is never transmitted. As soon as the session is closed, it is destroyed.

PFS in practice and the future

Unfortunately, there are two pieces of bad news:

1. few websites currently use PFS
2. data that has already been exchanged can no longer be protected retroactively

Nevertheless, websites should implement Perfect Forward Secrecy at least from now on, so that recorded data cannot be read sooner or later despite its encryption.

Ivan Ristic from Security Labs recommends the following suites for implementing PFS:

- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

Webmasters can test their website on ssllabs.com and then decide on appropriate measures.
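To turn the recommendation above into a check an operator can run against a server's list of enabled suites, here is an added example (not code from the original article or from SSL Labs) that classifies IANA cipher-suite names by their key exchange; the configuration list it audits is constructed for the demonstration.

```python
from typing import List, NamedTuple

# IANA names up to TLS 1.2 follow TLS_<KEX>[_<AUTH>]_WITH_<CIPHER>_<MAC>. Only an
# ephemeral exchange (DHE, ECDHE) derives a session key that never travels over
# the wire; a static one (RSA, DH, ECDH, ...) leaves recorded sessions readable
# to anyone who later obtains the server's long-term key.
EPHEMERAL_KEX = {"DHE", "ECDHE"}
STATIC_KEX = {"RSA", "DH", "ECDH", "PSK", "SRP", "KRB5", "NULL"}

class SuiteInfo(NamedTuple):
    suite: str
    key_exchange: str
    forward_secrecy: bool
    authenticated: bool

def classify(suite: str) -> SuiteInfo:
    """Classify one IANA cipher-suite name by its key-exchange properties."""
    if not suite.startswith("TLS_"):
        raise ValueError(f"not an IANA TLS suite name: {suite}")
    if "_WITH_" not in suite:
        # TLS 1.3 names only name the AEAD and hash: key exchange is always (EC)DHE.
        return SuiteInfo(suite, "(EC)DHE", True, True)
    tokens = suite[len("TLS_"):suite.index("_WITH_")].split("_")
    kex = tokens[0]
    if "anon" in tokens:
        # Anonymous (EC)DH is ephemeral but has no certificate: MITM goes undetected.
        return SuiteInfo(suite, kex + "_anon", True, False)
    if kex in EPHEMERAL_KEX:
        return SuiteInfo(suite, kex, True, True)
    if kex in STATIC_KEX:
        return SuiteInfo(suite, kex, False, True)
    raise ValueError(f"unknown key exchange in {suite}")

def suites_to_drop(suites: List[str]) -> List[str]:
    """Suites an operator must remove so that every connection gets PFS."""
    return [s for s in suites
            if not (classify(s).forward_secrecy and classify(s).authenticated)]

# Constructed sample of one server's enabled suites: the three the article
# recommends plus typical legacy entries (not taken from any real server).
SAMPLE_CONFIG = [
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",    # static RSA key transport: no PFS
    "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",  # static ECDH: no PFS
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",   # unauthenticated
    "TLS_AES_256_GCM_SHA384",             # TLS 1.3: always PFS
]
```

Running `suites_to_drop(SAMPLE_CONFIG)` returns the static-RSA, static-ECDH and anonymous entries, which is the list to remove from the server configuration before re-testing on ssllabs.com.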

After the implementation of Perfect Forward Secrecy, services such as the NSA and BND can only read data with man-in-the-middle attacks. In all other cases, PFS will be a major thorn in the side of the eavesdroppers.
