Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

EFF: Why the Web Needs Perfect Forward Secrecy More Than Ever

“EFF has long advocated for websites to support HTTPS instead of plain HTTP to encrypt and authenticate data transmitted on the Internet. However, we learned yesterday of a catastrophic bug, nicknamed “Heartbleed,” that has critically threatened the security of some HTTPS sites since 2011. By some estimates, Heartbleed affects 2 out of 3 web servers on the Internet. Heartbleed isn’t a bug in the design of HTTPS itself but rather the result of a simple programming error in a widely-used piece of software called OpenSSL. It allows an attacker who connects to an HTTPS server running a vulnerable version of OpenSSL to access up to 64KB of private memory space. Doing the attack once can easily cause the server to leak cookies, emails, and passwords. Doing the attack repeatedly in a clever way can potentially leak entire encryption keys, such as the private SSL keys used to protect HTTPS traffic. If an attacker has access to a website’s private SSL key, they can run a fake version of the website and/or steal any information that users send, including passwords, private messages, and credit card numbers. Neither users nor website owners can detect this attack as it happens… Luckily, there’s one important mitigation that could actually protect some users from the worst-case scenario: perfect forward secrecy. If a server was configured to support forward secrecy, then a compromise of its private key can’t be used to decrypt past communications. In other words, if someone leaks or steals a copy of EFF’s private SSL key today, any traffic sent to EFF’s website in the past since EFF started supporting forward secrecy is still safe. Unfortunately, most HTTPS websites still don’t support forward secrecy, which means that a large chunk of your past communications with those servers is vulnerable to decryption when private SSL keys are compromised.”
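
A server-side check for the mitigation the excerpt describes, as an added example that is not part of the original post or EFF's article: it classifies TLS cipher suite names by whether the key exchange is ephemeral ((EC)DHE), the property that gives forward secrecy. The function names and the sample suite list are constructed for illustration.

```python
import socket
import ssl

# OpenSSL-style and IANA-style prefixes that denote an ephemeral key exchange.
_EPHEMERAL_PREFIXES = ("ECDHE-", "DHE-", "EDH-", "TLS_ECDHE_", "TLS_DHE_")


def is_forward_secret(cipher_name, protocol=""):
    """Return True if the suite uses an ephemeral (EC)DHE key exchange."""
    name = cipher_name.upper()
    # TLS 1.3 suite names carry no key exchange; full handshakes are (EC)DHE.
    # (PSK-only resumption is a separate case this name check cannot see.)
    if protocol == "TLSv1.3" or (name.startswith("TLS_") and "_WITH_" not in name):
        return True
    # Static RSA ("AES128-SHA") and static ECDH ("ECDH-RSA-...") fall through:
    # with those, a leaked server key decrypts previously recorded sessions.
    return name.startswith(_EPHEMERAL_PREFIXES)


def audit_suites(names):
    """Split suite names into (forward_secret, not_forward_secret) lists."""
    fs = [n for n in names if is_forward_secret(n)]
    return fs, [n for n in names if not is_forward_secret(n)]


def negotiated_suite(host, port=443, timeout=5.0):
    """Connect to a server you operate and report the suite it negotiates."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            name = tls.cipher()[0]
            version = tls.version()
            return name, version, is_forward_secret(name, version)


# Constructed sample: suites a server configuration might enable.
SAMPLE_SUITES = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-SHA",
    "AES128-SHA",
    "ECDH-RSA-AES128-SHA",
    "TLS_AES_256_GCM_SHA384",
]

if __name__ == "__main__":
    ok, weak = audit_suites(SAMPLE_SUITES)
    print("forward secret:", ok)
    print("no forward secrecy (remove from the server's cipher list):", weak)
```

`negotiated_suite` only shows what one client handshake selects; auditing the server's full enabled list with `audit_suites` shows whether a non-forward-secret suite can still be chosen by other clients.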
