News 11-25-2013

Forward Secrecy at Twitter

DigiCert

DigiCert provides SSL Certificates used to encrypt sensitive information. With revelations about mass surveillance in the news everywhere, an obscure feature of SSL/TLS called 'forward secrecy' has suddenly become very interesting.

Twitter recently announced that they have enabled forward secrecy for traffic on twitter.com, api.twitter.com, and mobile.twitter.com. On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If a malicious entity records all Twitter users’ encrypted traffic and they later crack or steal Twitter’s private keys, because of forward secrecy they should not be able to use those keys to decrypt the recorded traffic.

Read the full announcement from Twitter here.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

02-20-2024

Survey says: 1/3 of leaders are more vulnerable than they think

Making smart homes smarter: How TUO adds security to every device

A Q&A with TUO Accessories Co-Founder and CEO Sam Gabbay

Lessons from the Equifax data breach

How poor certificate visibility led to a
76-day-long leak of sensitive information