clock menu more-arrow no yes

Filed under:

Twitter implements new encryption using Perfect Forward Secrecy

New, 14 comments
Twitter Logo STOCK
Twitter Logo STOCK

Twitter announced today that the service will be changing its encryption standards, adopting a more secure protocol known as Perfect Forward Secrecy that's recommended by many experts in the field. The new protocol will be installed on top of standard HTTPS encryption, generating a new key for each encounter and hopefully prevent the passive bulk surveillance by the NSA that's been revealed in recent months. In September, leaks revealed the NSA was capable of passively decrypting SSL traffic, a huge blow for security engineers, so the new measures are necessary to keep Twitter's traffic effectively encrypted.

The new protocol requires a more complex server architecture, and will also result in slightly slower service — but Twitter believes the extra security will be worth the trouble. Writing for the Twitter Security Blog, engineer Jacob Hoffman-Andrews said this new PFS-powered setup "should be the new normal for web service owners." Google and Facebook clearly agree, having implemented PFS earlier this year.