Twitter Takes Steps To Frustrate NSA, Other Government Snoops

Twitter announced Friday that
it’s joining other tech companies in implementing “perfect forward
secrecy.” While many online services already encrypt user
comunications and other data, this form of encryption ensures that
snoops—we’re looking at you, National Security Agency—who break
through the encryption get access to only a snippet of data, rather
than everything belonging to a user. Even where a warrant is
involved, perfect forward secrecy has the potential to limit
intrusions, rather than acting as an open-ended skeleton key.

From Twitter’s
Jacob Hoffman-Andrews:

As part of our continuing effort to keep our users’ information
as secure as possible, we’re happy to announce that we recently
enabled forward secrecy for traffic on twitter.com,
api.twitter.com, and mobile.twitter.com. On top of the usual
confidentiality and integrity properties of HTTPS, forward secrecy
adds a new property. If an adversary is currently recording all
Twitter users’ encrypted traffic, and they later crack or steal
Twitter’s private keys, they should not be able to use those keys
to decrypt the recorded traffic.

The Electronic Frontier Foundation’s Parker Higgins
describes how perfect forward secrecy works:

How can perfect forward secrecy help protect user privacy
against that kind of threat? In order to understand that, it’s
helpful to have a basic idea of how HTTPS works in general. Every
Web server that uses HTTPS has its own secret key that it uses to
encrypt data that it sends to users. Specifically, it uses that
secret key to generate a new “session key” that only the server and
the browser know. Without that secret key, the traffic traveling
back and forth between the user and the server is incomprehensible,
to the NSA and to any other eavesdroppers.

But imagine that some of that incomprehensible data is being
recorded anyway—as leaked NSA documents confirm the agency is
doing. An eavesdropper who gets the secret key at any time in the
future—even years later—can use it to decrypt all of the stored
data! That means that the encrypted data, once stored, is only as
secure as the secret key, which may be vulnerable to compromised
server security or disclosure by the service provider.

That’s where perfect forward secrecy comes in. When an encrypted
connection uses perfect forward secrecy, that means that the
session keys the server generates are truly ephemeral, and even
somebody with access to the secret key can’t later derive the
relevant session key that would allow her to decrypt any particular
HTTPS session. So intercepted encrypted data is protected from
prying eyes long into the future, even if the website’s secret key
is later compromised.

Facebook
also plans to implement perfect forward secrecy, and
Google has had it in place since 2011. Google points out that
“not even the server operator will be able to retroactively decrypt
HTTPS sessions,” meaning that companies that implement the security
can’t turn users’ lives into open books, no matter the
pressure they face.

As fuck-yous to the surveillance state go, this is both welcome,
and effective.