{"id":4181,"date":"2020-10-30T20:17:36","date_gmt":"2020-10-30T19:17:36","guid":{"rendered":"https:\/\/webhosting.de\/perfect-forward-secrecy-zukunftssichere-verschluesselung-fuer-webseiten\/"},"modified":"2020-10-30T20:17:36","modified_gmt":"2020-10-30T19:17:36","slug":"perfect-forward-secrecy-future-proof-encryption-for-websites","status":"publish","type":"post","link":"https:\/\/webhosting.de\/sv\/perfect-forward-secrecy-zukunftssichere-verschluesselung-fuer-webseiten\/","title":{"rendered":"Perfect Forward Secrecy: framtidss\u00e4ker kryptering f\u00f6r webbplatser"},"content":{"rendered":"<p>Avsl\u00f6jandena fr\u00e5n visselbl\u00e5saren Edward Snowden har visat att NSA <a href=\"https:\/\/webhosting.de\/sv\/personenbezogene-daten-sozialen-netzwerken\/\">Uppgifter<\/a> samlas in i stora m\u00e4ngder. \u00c4ven om det inte g\u00e5r att dekryptera en del av informationen idag, kan det bli m\u00f6jligt i framtiden. Webmasters kan skydda sig sj\u00e4lva och sina bes\u00f6kare idag mot dekryptering imorgon.<\/p>\n<p>Edward Snowden har visat v\u00e4rlden att inga uppgifter \u00e4r s\u00e4kra f\u00f6r underr\u00e4ttelsetj\u00e4nsterna. De samlar (som en f\u00f6rsiktighets\u00e5tg\u00e4rd) in all information som korsar deras v\u00e4g. En del av dessa uppgifter \u00e4r krypterade, till exempel via en HTTPS-anslutning. Detta omfattar webbplatser d\u00e4r k\u00e4nsliga uppgifter \u00f6verf\u00f6rs, k\u00f6p av en produkt, inloggning p\u00e5 ett e-postkonto eller anv\u00e4ndning av hembank. Alla dessa uppgifter avlyssnas, \u00e4ven om de \u00e4r v\u00e4rdel\u00f6sa i dag. Om n\u00e5gra \u00e5r kan underr\u00e4ttelsetj\u00e4nsterna avkryptera den.<\/p>\n<h2>S\u00e5rbarheten hos HTTPS<\/h2>\n<p>Vad exakt \u00e4r Perfect Forward Secrecy, eller PFS f\u00f6rkortat? F\u00f6r att f\u00f6rklara termen m\u00e5ste man f\u00f6rst f\u00f6rklara hur SSL-kryptering fungerar, som anv\u00e4nds p\u00e5 webbplatser d\u00e4r k\u00e4nsliga uppgifter \u00f6verf\u00f6rs.<\/p>\n<p>N\u00e4r du bes\u00f6ker v\u00e5r <a href=\"https:\/\/webhosting.de\/sv\/eine-eigene-webseite-fuer-ihr-unternehmen-ja-oder-nein\/\">Webbplats<\/a> hoster.online, kommer ett litet l\u00e5s att synas i s\u00f6kf\u00e4ltet i webbl\u00e4saren. Genom att klicka p\u00e5 l\u00e5set \u00f6ppnas information om SSL-certifikatet. Med ytterligare ett klick kan du visa information om <a href=\"https:\/\/webhosting.de\/sv\/plesk-letsencrypt-zertifikat-erstellen\/\">Certifikat<\/a> inklusive t.ex. utg\u00e5ngsdatum.<\/p>\n<p>SSL-certifikat kan anv\u00e4ndas av praktiskt taget alla webbplatser. Skillnaderna ligger i<\/p>\n<p>- deras kryptering<br \/>\n- om de validerar dom\u00e4nen eller identiteten, och<br \/>\n- hur h\u00f6g deras kompatibilitet med webbl\u00e4sare \u00e4r.<\/p>\n<p>Dessutom finns det tre typer av certifikat:<\/p>\n<p>1. singel<br \/>\n2. jokertecken<br \/>\n3. flera omr\u00e5den<\/p>\n<p>SSL-certifikatet fungerar p\u00e5 f\u00f6ljande s\u00e4tt: Anv\u00e4ndaren surfar p\u00e5 en webbplats, till exempel hoster.online. Webbl\u00e4saren kontaktar servern, som anger en offentlig nyckel som utf\u00e4rdats av certifieringsmyndigheten. Webbl\u00e4saren kontrollerar certifieringsmyndighetens signatur. Om detta \u00e4r korrekt utbyter den data med hoster.online. Fr\u00e5n och med nu \u00f6verf\u00f6rs alla uppgifter i krypterad form.<\/p>\n<h2>Perfekt sekretess i f\u00f6rv\u00e4g som skydd mot morgondagens metoder<\/h2>\n<p>F\u00f6r krypterad \u00f6verf\u00f6ring av en HTTPS-session f\u00f6resl\u00e5r webbl\u00e4saren en hemlig sessionsnyckel varje g\u00e5ng. Servern bekr\u00e4ftar nyckeln.<\/p>\n<p>Problemet med metoden \u00e4r att underr\u00e4ttelsetj\u00e4nster som NSA kan spela in \u00f6verf\u00f6ringen av nyckeln. Inom en \u00f6versk\u00e5dlig framtid skulle det vara m\u00f6jligt f\u00f6r dem att avkryptera den. P\u00e5 s\u00e5 s\u00e4tt kan de l\u00e4sa alla uppgifter som \u00f6verf\u00f6rs till hoster.online.<\/p>\n<p>Det har tidigare funnits problem med HTTPS. Buggen Heartbleed, som sedan 2011 har utsatt webbplatser f\u00f6r stora s\u00e4kerhetsproblem, p\u00e5verkade tv\u00e5 av tre webbplatser p\u00e5 Internet. Heartbleed var ett programmeringsfel i programvaran OpenSSL. Den gav hackare som ansl\u00f6t via HTTP till en server som k\u00f6rde en s\u00e5rbar version av OpenSSL tillg\u00e5ng till 64 KB privat minne. Attacken ledde till att servrar l\u00e4ckte cookies, l\u00f6senord och e-postadresser. Stora tj\u00e4nster som Yahoo Mail och LastPass p\u00e5verkades.<\/p>\n<p>L\u00f6sningen f\u00f6r s\u00e5dana scenarier \u00e4r Perfect Forward Secrecy: Med den s\u00e5 kallade Diffie-Hellman-metoden kommer de tv\u00e5 kommunikationspartnerna - i det h\u00e4r fallet webbl\u00e4sare och server - \u00f6verens om en tillf\u00e4llig sessionsnyckel. Denna nyckel \u00f6verf\u00f6rs inte vid n\u00e5got tillf\u00e4lle. S\u00e5 snart sessionen \u00e4r avslutad f\u00f6rst\u00f6rs nyckeln.<\/p>\n<h2>PFS i praktiken och i framtiden<\/h2>\n<p>Tyv\u00e4rr finns det tv\u00e5 d\u00e5liga nyheter:<\/p>\n<p>1. F\u00f6r n\u00e4rvarande \u00e4r det bara ett f\u00e5tal webbplatser som anv\u00e4nder PFS.<br \/>\n2. Alla uppgifter som hittills har utbytts kan inte l\u00e4ngre krypteras.<\/p>\n<p>Webbplatser b\u00f6r dock \u00e5tminstone inf\u00f6ra Perfect Forward Secrecy fr\u00e5n och med nu f\u00f6r att se till att ingen data kan l\u00e4sas f\u00f6rr eller senare trots kryptering.<\/p>\n<p>F\u00f6r att implementera PFS rekommenderar Ivan Ristic fr\u00e5n Security Labs f\u00f6ljande sviter:<\/p>\n<p>- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA<br \/>\n- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA<br \/>\n- TLS_ECDHE_RSA_MED_3DES_EDE_CBC_SHA<\/p>\n<p>Webmasters kan testa sin webbplats p\u00e5 ssllabs.com och sedan besluta om l\u00e4mpliga \u00e5tg\u00e4rder.<\/p>\n<p>Efter inf\u00f6randet av Perfetct Forward Secrecy kan tj\u00e4nster som NSA och BND endast l\u00e4sa data med hj\u00e4lp av man-in-the-middle-attacker. I alla andra fall kommer FPS att vara ett stort problem f\u00f6r avlyssnarna.<\/p>","protected":false},"excerpt":{"rendered":"<p>Die Enth\u00fcllungen von Whistleblower Edward Snowden haben gezeigt, dass die NSA Daten massenweise sammelt. Zwar kann sie einen Teil der Informationen heute nicht entschl\u00fcsseln, in Zukunft w\u00e4re dies unter Umst\u00e4nden m\u00f6glich. Webmaster k\u00f6nnen sich und ihre Besucher heute vor einer morgigen Entschl\u00fcsselung sch\u00fctzen. Edward Snowden hat der Welt gezeigt, dass keine Daten vor den Geheimdiensten [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":503,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_crdt_document":"","inline_featured_image":false,"footnotes":""},"categories":[673,794],"tags":[186,187],"class_list":["post-4181","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-computer_und_internet","category-sicherheit-computer_und_internet","tag-perfect-forward-secrecy","tag-pfs"],"acf":[],"_wp_attached_file":null,"_wp_attachment_metadata":null,"litespeed-optimize-size":null,"litespeed-optimize-set":null,"_elementor_source_image_hash":null,"_wp_attachment_image_alt":null,"stockpack_author_name":null,"stockpack_author_url":null,"stockpack_provider":null,"stockpack_image_url":null,"stockpack_license":null,"stockpack_license_url":null,"stockpack_modification":null,"color":null,"original_id":null,"original_url":null,"original_link":null,"unsplash_location":null,"unsplash_sponsor":null,"unsplash_exif":null,"unsplash_attachment_metadata":null,"_elementor_is_screenshot":null,"surfer_file_name":null,"surfer_file_original_url":null,"envato_tk_source_kit":null,"envato_tk_source_index":null,"envato_tk_manifest":null,"envato_tk_folder_name":null,"envato_tk_builder":null,"envato_elements_download_event":null,"_menu_item_type":null,"_menu_item_menu_item_parent":null,"_menu_item_object_id":null,"_menu_item_object":null,"_menu_item_target":null,"_menu_item_classes":null,"_menu_item_xfn":null,"_menu_item_url":null,"_trp_menu_languages":null,"rank_math_primary_category":null,"rank_math_title":null,"inline_featured_image":null,"_yoast_wpseo_primary_category":null,"rank_math_schema_blogposting":null,"rank_math_schema_videoobject":null,"_oembed_049c719bc4a9f89deaead66a7da9fddc":null,"_oembed_time_049c719bc4a9f89deaead66a7da9fddc":null,"_yoast_wpseo_focuskw":"","_yoast_wpseo_linkdex":null,"_oembed_27e3473bf8bec795fbeb3a9d38489348":null,"_oembed_c3b0f6959478faf92a1f343d8f96b19e":null,"_trp_translated_slug_en_us":null,"_wp_desired_post_slug":null,"_yoast_wpseo_title":null,"tldname":null,"tldpreis":null,"tldrubrik":null,"tldpolicylink":null,"tldsize":null,"tldregistrierungsdauer":null,"tldtransfer":null,"tldwhoisprivacy":null,"tldregistrarchange":null,"tldregistrantchange":null,"tldwhoisupdate":null,"tldnameserverupdate":null,"tlddeletesofort":null,"tlddeleteexpire":null,"tldumlaute":null,"tldrestore":null,"tldsubcategory":null,"tldbildname":null,"tldbildurl":null,"tldclean":null,"tldcategory":null,"tldpolicy":null,"tldbesonderheiten":null,"tld_bedeutung":null,"_oembed_d167040d816d8f94c072940c8009f5f8":null,"_oembed_b0a0fa59ef14f8870da2c63f2027d064":null,"_oembed_4792fa4dfb2a8f09ab950a73b7f313ba":null,"_oembed_33ceb1fe54a8ab775d9410abf699878d":null,"_oembed_fd7014d14d919b45ec004937c0db9335":null,"_oembed_21a029d076783ec3e8042698c351bd7e":null,"_oembed_be5ea8a0c7b18e658f08cc571a909452":null,"_oembed_a9ca7a298b19f9b48ec5914e010294d2":null,"_oembed_f8db6b27d08a2bb1f920e7647808899a":null,"_oembed_168ebde5096e77d8a89326519af9e022":null,"_oembed_cdb76f1b345b42743edfe25481b6f98f":null,"_oembed_87b0613611ae54e86e8864265404b0a1":null,"_oembed_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_oembed_time_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_tldname":null,"_tldclean":null,"_tldpreis":null,"_tldcategory":null,"_tldsubcategory":null,"_tldpolicy":null,"_tldpolicylink":null,"_tldsize":null,"_tldregistrierungsdauer":null,"_tldtransfer":null,"_tldwhoisprivacy":null,"_tldregistrarchange":null,"_tldregistrantchange":null,"_tldwhoisupdate":null,"_tldnameserverupdate":null,"_tlddeletesofort":null,"_tlddeleteexpire":null,"_tldumlaute":null,"_tldrestore":null,"_tldbildname":null,"_tldbildurl":null,"_tld_bedeutung":null,"_tldbesonderheiten":null,"_oembed_ad96e4112edb9f8ffa35731d4098bc6b":null,"_oembed_8357e2b8a2575c74ed5978f262a10126":null,"_oembed_3d5fea5103dd0d22ec5d6a33eff7f863":null,"_eael_widget_elements":null,"_oembed_0d8a206f09633e3d62b95a15a4dd0487":null,"_oembed_time_0d8a206f09633e3d62b95a15a4dd0487":null,"_aioseo_description":null,"_eb_attr":null,"_eb_data_table":null,"_oembed_819a879e7da16dd629cfd15a97334c8a":null,"_oembed_time_819a879e7da16dd629cfd15a97334c8a":null,"_acf_changed":null,"_wpcode_auto_insert":null,"_edit_last":null,"_edit_lock":null,"_oembed_e7b913c6c84084ed9702cb4feb012ddd":null,"_oembed_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_time_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_03514b67990db061d7c4672de26dc514":null,"_oembed_time_03514b67990db061d7c4672de26dc514":null,"rank_math_news_sitemap_robots":"index","rank_math_robots":["index"],"_eael_post_view_count":"4619","_trp_automatically_translated_slug_ru_ru":null,"_trp_automatically_translated_slug_et":"perfect-forward-secrecy-future-proof-encryption-for-websites","_trp_automatically_translated_slug_lv":"perfekts-forward-secrecy-forward-forward-secrecy-future-proof-encryption-for-websites","_trp_automatically_translated_slug_fr_fr":null,"_trp_automatically_translated_slug_en_us":null,"_wp_old_slug":null,"_trp_automatically_translated_slug_da_dk":null,"_trp_automatically_translated_slug_pl_pl":null,"_trp_automatically_translated_slug_es_es":null,"_trp_automatically_translated_slug_hu_hu":null,"_trp_automatically_translated_slug_fi":"taeydellinen-ennakointisalaisuus-tulevaisuuden-varma-salaus-verkkosivustoille","_trp_automatically_translated_slug_ja":"%e3%82%a6%e3%82%a7%e3%83%96%e3%82%b5%e3%82%a4%e3%83%88%e3%81%ae%e3%81%9f%e3%82%81%e3%81%ae%e5%ae%8c%e5%85%a8%e3%81%aa%e5%89%8d%e6%96%b9%e7%a7%98%e5%af%86%e6%9c%aa%e6%9d%a5%e3%81%ae%e5%ae%89%e5%85%a8","_trp_automatically_translated_slug_lt_lt":null,"_elementor_edit_mode":null,"_elementor_template_type":null,"_elementor_version":null,"_elementor_pro_version":null,"_wp_page_template":"default","_elementor_page_settings":null,"_elementor_data":null,"_elementor_css":null,"_elementor_conditions":null,"_happyaddons_elements_cache":null,"_oembed_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_time_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_3efb2c3e76a18143e7207993a2a6939a":null,"_oembed_time_3efb2c3e76a18143e7207993a2a6939a":null,"_oembed_59808117857ddf57e478a31d79f76e4d":null,"_oembed_time_59808117857ddf57e478a31d79f76e4d":null,"_oembed_965c5b49aa8d22ce37dfb3bde0268600":null,"_oembed_time_965c5b49aa8d22ce37dfb3bde0268600":null,"_oembed_81002f7ee3604f645db4ebcfd1912acf":null,"_oembed_time_81002f7ee3604f645db4ebcfd1912acf":null,"_elementor_screenshot":null,"_oembed_7ea3429961cf98fa85da9747683af827":null,"_oembed_time_7ea3429961cf98fa85da9747683af827":null,"_elementor_controls_usage":null,"_elementor_page_assets":[],"_elementor_screenshot_failed":null,"theplus_transient_widgets":["tp-video-player"],"_eael_custom_js":null,"_wp_old_date":null,"_trp_automatically_translated_slug_it_it":null,"_trp_automatically_translated_slug_pt_pt":null,"_trp_automatically_translated_slug_zh_cn":null,"_trp_automatically_translated_slug_nl_nl":null,"_trp_automatically_translated_slug_pt_br":null,"_trp_automatically_translated_slug_sv_se":null,"rank_math_analytic_object_id":"1021","rank_math_internal_links_processed":null,"_trp_automatically_translated_slug_ro_ro":null,"_trp_automatically_translated_slug_sk_sk":null,"_trp_automatically_translated_slug_bg_bg":null,"_trp_automatically_translated_slug_sl_si":null,"litespeed_vpi_list":["webhostinglogo.png"],"litespeed_vpi_list_mobile":["webhostinglogo.png"],"rank_math_seo_score":null,"rank_math_contentai_score":null,"ilj_limitincominglinks":null,"ilj_maxincominglinks":null,"ilj_limitoutgoinglinks":null,"ilj_maxoutgoinglinks":null,"ilj_limitlinksperparagraph":null,"ilj_linksperparagraph":null,"ilj_blacklistdefinition":null,"ilj_linkdefinition":["perfect forward secrecy: zukunftssichere verschl\u00fcsselung f\u00fcr webseiten"],"_eb_reusable_block_ids":[],"rank_math_focus_keyword":null,"rank_math_og_content_image":null,"_yoast_wpseo_metadesc":"","_yoast_wpseo_content_score":null,"_yoast_wpseo_focuskeywords":null,"_yoast_wpseo_keywordsynonyms":null,"_yoast_wpseo_estimated-reading-time-minutes":null,"rank_math_description":null,"surfer_last_post_update":null,"surfer_last_post_update_direction":null,"surfer_keywords":null,"surfer_location":null,"surfer_draft_id":null,"surfer_permalink_hash":null,"surfer_scrape_ready":null,"_thumbnail_id":"503","footnotes":null,"_links":{"self":[{"href":"https:\/\/webhosting.de\/sv\/wp-json\/wp\/v2\/posts\/4181","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhosting.de\/sv\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhosting.de\/sv\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhosting.de\/sv\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webhosting.de\/sv\/wp-json\/wp\/v2\/comments?post=4181"}],"version-history":[{"count":0,"href":"https:\/\/webhosting.de\/sv\/wp-json\/wp\/v2\/posts\/4181\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webhosting.de\/sv\/wp-json\/wp\/v2\/media\/503"}],"wp:attachment":[{"href":"https:\/\/webhosting.de\/sv\/wp-json\/wp\/v2\/media?parent=4181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhosting.de\/sv\/wp-json\/wp\/v2\/categories?post=4181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhosting.de\/sv\/wp-json\/wp\/v2\/tags?post=4181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}