Insights For Success

Strategy, Innovation, Leadership and Security

TLS

Understanding Perfect Forward Secrecy: The Importance of PFS in Protecting Your Data Online

GeneralEdward Kiledjian

Summary

Discover the benefits of Perfect Forward Secrecy (PFS) for protecting your online data. Learn how PFS keeps your information secure. Learn about the key exchange mechanism and ephemeral key that makes PFS possible and how it is used in protocols like TLS, SSH, and IPsec.

Article

With the increasing use of the Internet for transmitting sensitive information, security has become a critical concern for both businesses and individuals. Perfect Forward Secrecy (PFS) is one of the most vital security features that help protect our data. We will examine the importance of PFS, how it works, and what it is in this post.

Let us begin by defining PFS. PFS is a security feature that ensures an attacker cannot decrypt past data sent over a connection, even if the encryption key used was obtained.

A team of researchers at the Massachusetts Institute of Technology (MIT) first proposed PFS in the late 1990s. Among the team members were Paul Kocher, Daniel Bleichenbacher, and Bruce Schneier, who were concerned about the security of SSL (Secure Sockets Layer), which did not support PFS at the time. They recognized that, without PFS, an attacker who obtained the encryption key for a connection could decrypt the current data and any data sent over the connection in the past.

To address this issue, the team proposed an ephemeral key exchange mechanism. Each session generates a unique, temporary key, which is used only for that session and is discarded afterwards. Thus, each session will have its unique key, so if one key is compromised, it will not affect the security of previous or future sessions.

PFS is now widely used in many protocols, including TLS (Transport Layer Security), which encrypts data sent over the Internet. Besides SSH, IPsec (Internet Protocol Security) and SSH (Secure Shell) also use it.

Keywords: Perfect Forward Secrecy, PFS, encryption key, data security, key exchange mechanism, ephemeral key, SSL, TLS, SSH, IPsec, online security, data protection, MIT, encryption protocols, cyber security

VPNs don't protect your privacy

GeneralEdward Kiledjian

A podcast is a great way to consume a large amount of new information in a short period of time. Every week, I listen to dozens of podcasts that cover topics such as tech, security, news, economics, psychology, and more. In the past year, I have been bombarded with host read advertisements sponsored by NordVPN and ExpressVPN. Many of these hosts are reading copy that is unreliable at best or purposefully misleading at worst.

This article aims to clarify misinformation regarding privacy improvements directly related to VPNs.

TL;DR: A VPN alone does not provide adequate privacy

The following article is intended for a general audience. Professionals in Information Security can devise solutions that incorporate VPNs to provide the level of privacy and security required by their customers (based on the customer's specific risk profile).

More Details

If you are not paying for a product or service, then you are that product. You should never utilize a free VPN service. Operating a VPN service is expensive, so they must recoup their costs somewhere (and they will probably make a large profit selling your information to data brokers).

The downside of a VPN is there are dozens of ways it can fail you, but you should understand that you are shifting all of your traffic through the VPN (which means if they are breached or decide to sell your data, they may have access to everything). Perhaps you do not want your large ISP to be able to see your Internet traffic, but would an unnamed VPN provider be any better?

The truth is that while many companies claim to operate on a zero-log basis, there is no way for a user to determine this for certain. Several providers have failed to meet their zero-log promises, resulting in a user being profiled or arrested.

Tracking you

Dozens of hosts are simply reading ad copy provided by the advertiser, and I have heard similar ads on dozens of other podcasts.

The first question is a valid one: would you prefer your ISP to view all of your traffic or the VPN provider. Despite the fact that most people dislike their services with the passion of a thousand suns, at least you have an understanding of what they are doing. I would trust only a few VPN services more than my Internet service provider.

The majority of websites now utilize HTTPS/TLS, which creates an encrypted tunnel between a user and a website. As an example, if you are using HTTPS/TLS to access Facebook (which is now the default), your ISP will know you visited Facebook and how long you spent there, but they cannot see what you did nor can they inject traffic info that flow or modify it in any way.

The other fallacy is that information brokers or large social media sites require your IP address in order to track you. VPNs do conceal your origin IP address, but very few trackers still rely on it to identify you. In addition, they take into account other factors, such as the operating system, plug-ins, display size, and resolution. Any website that has a Facebook-like button shares traffic information with Facebook. Any site using Google Analytics shares information with Google.

Use the EFF's Cover your Tracks website to find out how identifiable you are.

Alternatives

Option 1 - Apple PrivateRelay

Rather than using a general-purpose VPN, most users would be better served by configuring their browser security and using Apple's PrivateRelay (it's not perfect, but it's more secure than VPNs for the average user).

Option 2 - TOR

Tor remains the best alternative for someone that wants maximum privacy. TOR is free, open-source and trustless. It will be slower and you won’t be able to stream music or videos but it a good tool for someone looking to augment their privacy on the internet.

Option 3 - Break censorship

You may wish to consider using the censorship-busting VPN service called Psiphon if you are in an environment that uses technical controls to support its censorship efforts.

Conclusion

As soon as your packets hit the VPN provider's boundary gateway, the provider strips all encryption and then retransmits your data based on the technology available on the site (where you are browsing). HTTPS/TLS will be secure, HTTP/FTP will be insecure.

A VPN was originally designed to protect a company's data while its employees were working remotely. Consumer VPNs were a secondary market, and by default, VPNs are not designed to be log-free. Providers of VPN services must devise solutions in order to make their service more private by using technologies such as RAM-only servers, configuring the VPN to delete log files, etc. It is crucial that they have a sound architecture and that they deploy this architecture correctly without errors to protect your privacy.

Although VPNs remain useful in some situations, they are not the magic bullet that will allow the average (non-technical) user to become private. It is simply a tool that allows a tech professional to design an appropriate security program based on the risk profile of the user.

For the average user, the only good use of a VPN is to stream multimedia content that is geo-restricted (such as Netflix, Hulu, Peacock, etc.).

The start of the end for Symantec cert trust on Google's Chrome

GeneralEdward Kiledjian

A little history

Early 2017, a security researcher (Andrew Ayer from SSLMate) discovered that three certificate authorities (Symantec Trust Network, GeoTrust Inc., and Thawte Inc), owned by Symantec, had improperly issued 108 TLS certificates. It is important to understand that these improperly issued certificates would allow a threat actor to spoof or impersonate a website that was using HTTPS.

9 of these certificates were issued without the knowledge of the domain owners. 99 were issued without proper validation of domain ownership. 

This improper issuance of certificates directly contravenes the strict (prescriptive) guidelines of the CA/Browser Forum and raised the ire of internet giants like Google, Mozilla, and Microsoft. 

These guidelines and controls underpin the entire trust model of the encrypted internet.

There is no way to verify if these certificates were ever used in the wild but we also cannot verify that they were not used. 

You can see the list of certificates here

Chrome to distrust Symantec TLS Certs

https://bugs.chromium.org/p/chromium/issues/detail?id=796230

Very quickly after this second incident was made public, the developers of the Chromium project announced their intention to distrust all Symantec issued TLS certificates. Since Chromium powers Google Chrome, the most popular browser in the world, this was a punishment for Symantec's mismanagement. So started the two-year roadmap to achieve this goal. 

You can read the blog article on the Google Security blog entitled "Chrome’s Plan to Distrust Symantec Certificates".

As you can see above, the process is broken down into 3 distinct phases:

  1. Certificates issued after December 1, 2017, from Symantec's legacy infrastructure will not be trusted
  2. Certificates issued before June 1, 2016, from Symantec's legacy infrastructure will not be trusted
  3. All certificates issued from Symantec's legacy infrastructure will not be trusted.

The first phase is rolling out with Chrome beta version 66 on March 15, 2018. Domain admins still using Symantec certs issued before June 1, 2016, are encouraged to replace them ASAP. 

The full roadmap will come to fruition with Google Chrome beta 70 (due October 16, 2018). 

In an October 2017 Symantec security blog entry, we learned that Digicert will takeover certificate updated as of December 1, 2017.