For those who are not familiar with PFS, implementing it makes sure that each web session is encrypted with a key that is disposed of once the aforementioned session is over.
“On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic,” Twitter security engineer Jacob Hoffman-Andrews explained in a blog post announcing the change.
“Under traditional HTTPS, the client chooses a random session key, encrypts it using the server’s public key, and sends it over the network. Someone in possession of the server’s private key and some recorded traffic can decrypt the session key and use that to decrypt the entire session,” he added. “In order to support forward secrecy, we’ve enabled the EC Diffie-Hellman cipher suites. Under those cipher suites, the client and server manage to come up with a shared, random session key without ever sending the key across the network, even under encryption.”
Hoffman-Andrews shared some of the difficulties they have had in implementing PFS, but has pointed out that users should not be adversely affected by the change. There will be a practically insignificant increase in CPU usage, and a small delay to a user’s initial connection to Twitter (a second or less), but Twitter believes it’s worth it in order to gain more security.
“Security is an ever-changing world,” Hoffman-Andrews pointed out. “A year and a half ago, Twitter was first served completely over HTTPS. Since then, it has become clearer and clearer how important that step was to protecting our users’ privacy.”
His statement echoes that made by the Electronic Frontier Foundation, and seems to imply that Twitter had NSA surveillance and that of other intelligence agencies around the world in mind when it decided to implement PFS.
“It may not be as obvious a step as simply enabling HTTPS, but turning on perfect forward secrecy is an important improvement that protects users. More sites should enable it, and more users should demand it of the sites they trust with their private data,” says the EFF.
Twitter obviously concurs.
“At the end of the day, we are writing this not just to discuss an interesting piece of technology, but to present what we believe should be the new normal for web service owners,” says Hoffman-Andrews.
“If you are a webmaster, we encourage you to implement HTTPS for your site and make it the default. If you already offer HTTPS, ensure your implementation is hardened with HTTP Strict Transport Security, secure cookies, certificate pinning, and Forward Secrecy. If you don’t run a website, demand that the sites you use implement HTTPS to help protect your privacy, and make sure you are using an up-to-date web browser so you are getting the latest security improvements.”