Twitter Inc. said it has enabled Perfect Forward Secrecy (PFS) in a move to increase protections around users’ information following reports of secret data mining by the National Security Agency (NSA).
“Forward secrecy is just the latest way in which Twitter is trying to defend and protect the user’s voice,” Twitter said in a blog post issued earlier this week.
Twitter’s announcement follows similar statements made by several other technology companies, including Google Inc., and Facebook, also in the wake of the reported NSA spying.
“On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic,” the Twitter blog post stated.
In August, the non-profit Electronic Frontier Foundation (EFF), called on websites to implement PFS, saying that it was “pushing for Perfect Forward Secrecy,” to protect data from “prying eyes.”
Calling it an important web privacy protection technology, the EFF said that sites that use perfect forward secrecy can better safeguard users in cases where a third party is monitoring and recording encrypted data.
”That particular threat may have once seemed unlikely, but we now know that the NSA does exactly this kind of long-term storage of at least some encrypted communications as they flow through telecommunications hubs, in a collection effort it calls “upstream,” the EFF said.