Twitter Aims to Future-Proof Encryption Security
Twitter has implemented new security measures that should make it more difficult for eavesdroppers to access communications between its servers and users, PC World and IDG News Service report.
The company has implemented “perfect forward secrecy” on its Web and mobile platforms, it announced Friday. The technology should, in theory, make it impossible for an organization to eavesdrop on encrypted traffic today and decrypt it at some point in the future.
At present, the encryption between user and server is based around a secret key held on the server, and data can be recorded in its encrypted form.
With perfect forward secrecy, data encryption is based on two short-lived keys that can never be recovered later.
Twitter did not provide a reason for the change, but it did link to a blog post from the Electronic Frontier Fountation that suggested the method be used as a way to stop the National Security Agency (NSA) or others from snooping on Internet communications, the article reports.