Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Forward Secrecy Brings Better Long-Term Privacy to Wikipedia

EFF – “Wikipedia readers and editors can now enjoy a higher level of long-term privacy, thanks to the Wikimedia Foundation’s rollout last week of forward secrecy on its encrypted connections. Forward secrecy is an important Web privacy protection; we’ve been tracking its implementation across many popular sites with our Encrypt the Web Report. And though it may sound like an obscure technical switch, the impact is dramatic: forward secrecy ensures that every new connection uses unique and ephemeral key information, so traffic intercepted once can’t later be decrypted if the private key gets compromised. That kind of compromise can happen at the hands of law enforcement who demand a copy of a server’s private key, or who compromise servers to get a copy without asking. It could also be exposed by a bug in the encryption software, as we saw earlier this year in the case of the widely discussed Heartbleed bug. Forward secrecy provides stronger protection against all of these possibilities, limiting exposure to the traffic collected after the key compromise and before a new key is in place.”

 

Sorry, comments are closed for this post.