Twitter protects its users from electronic snooping with 'impossible' encryption technique borrowed from GCHQ

 

Twitter has used an “impossible” mathematical problem first discovered by GCHQ to protect its users from electronic snooping.

The company said "perfect forward secrecy" (PFS) was now live on all its services, drastically increasing the effort required to intercept its traffic.

It is understood the move is intended to make it more difficult for data to be collected on its users without going through legal channels.

Jim Killock, director of the Open Rights Group (ORG), said it was a "policy move" driven by revelations about mass surveillance by British eavesdropping agency GCHQ and the American National Security Agency (NSA).

He said: "Companies have now realised precisely how vulnerable their information is on the internet. It's no longer a theoretical risk. We know it's been going on now.

"This is about asking users to trust the companies involved and to also force the legal authorities to approach companies directly rather than attempting to seize the data in transit."

In June it was revealed that GCHQ was using a project called Tempora to indiscriminately scoop data from fibre optic cables entering and leaving the UK.

In standard encryption each side of a communication independently generates paired keys - a public key telling others how to encrypt the messages they send to it and a private one used to decode them when they arrive.

The maths involved make it almost impossible to calculate the private key from the public one.

But if an attacker acquires a company's private key it can read anything sent to and from that company's servers - even if it was recorded years earlier.

PFS adds another stage where two machines collaborate on enormous sums to deduce a shared key which is never shared and never used again.

That means an attacker would have to use a more complicated and resource-intensive "man-in-the-middle" strategy specifically targeted at a single communication while it was still going on.

The so-called "Diffie-Hellman" method used by Twitter was first discovered by GCHQ analysts in the early 70s, but remained classified until it was independently patented by a pair of American cryptographers.

A post on Twitter's engineering blog explained: "If an adversary is currently recording all Twitter users' encrypted traffic, and they later crack or steal Twitter's private keys, they should not be able to use those keys to decrypt the recorded traffic."

It stressed that the move was simply "part of a continuing effort to keep our users' information as secure as possible" and that PFS should become "the new normal."

Dr Ian Brown, an ORG trustee and associate director of Oxford University's Cyber Security Centre, said PFS "effectively reinforces the rule of law about interception" and described the Diffie-Hellman problem as "effectively impossible."

He said: "In the States, the UK, and many other countries, there are laws that say governments can go to companies and request messages relating to individuals or subjects that they have a warrant for.

"What this means is that is the only way those intelligence agencies can get access - rather than, as we now know they have been doing, recording everything."

PA

Life and Style
ebookNow available in paperback
ebooks
ebookA delicious collection of 50 meaty main courses
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
SPONSORED FEATURES
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    SThree: Trainee Recruitment Consultant

    £18000 - £23000 per annum + Uncapped OTE: SThree: Trainee Recruitment Consulta...

    SThree: Trainee Recruitment Consultant

    £18000 - £23000 per annum + Uncapped OTE: SThree: Trainee Recruitment Consulta...

    Recruitment Genius: Network Support Engineer

    £25000 - £30000 per annum: Recruitment Genius: A Network Support Engineer is r...

    Recruitment Genius: Account Director - Tech Startup - Direct Your Own Career Path

    £25000 - £40000 per annum: Recruitment Genius: This is an exciting opportunity...

    Day In a Page

    Refugee crisis: David Cameron lowered the flag for the dead king of Saudi Arabia - will he do the same honour for little Aylan Kurdi?

    Cameron lowered the flag for the dead king of Saudi Arabia...

    But will he do the same honour for little Aylan Kurdi, asks Robert Fisk
    Our leaders lack courage in this refugee crisis. We are shamed by our European neighbours

    Our leaders lack courage in this refugee crisis. We are shamed by our European neighbours

    Humanity must be at the heart of politics, says Jeremy Corbyn
    Joe Biden's 'tease tour': Could the US Vice-President be testing the water for a presidential run?

    Joe Biden's 'tease tour'

    Could the US Vice-President be testing the water for a presidential run?
    Britain's 24-hour culture: With the 'leisured society' a distant dream we're working longer and less regular hours than ever

    Britain's 24-hour culture

    With the 'leisured society' a distant dream we're working longer and less regular hours than ever
    Diplomacy board game: Treachery is the way to win - which makes it just like the real thing

    The addictive nature of Diplomacy

    Bullying, betrayal, aggression – it may be just a board game, but the family that plays Diplomacy may never look at each other in the same way again
    8 best children's clocks

    Tick-tock: 8 best children's clocks

    Whether you’re teaching them to tell the time or putting the finishing touches to a nursery, there’s a ticker for that
    Isis profits from destruction of antiquities by selling relics to dealers - and then blowing up the buildings they come from to conceal the evidence of looting

    How Isis profits from destruction of antiquities

    Robert Fisk on the terrorist group's manipulation of the market to increase the price of artefacts
    Labour leadership: Andy Burnham urges Jeremy Corbyn voters to think again in last-minute plea

    'If we lose touch we’ll end up with two decades of the Tories'

    In an exclusive interview, Andy Burnham urges Jeremy Corbyn voters to think again in last-minute plea
    Tunisia fears its Arab Spring could be reversed as the new regime becomes as intolerant of dissent as its predecessor

    The Arab Spring reversed

    Tunisian protesters fear that a new law will whitewash corrupt businessmen and officials, but they are finding that the new regime is becoming as intolerant of dissent as its predecessor
    King Arthur: Legendary figure was real and lived most of his life in Strathclyde, academic claims

    Academic claims King Arthur was real - and reveals where he lived

    Dr Andrew Breeze says the legendary figure did exist – but was a general, not a king
    Who is Oliver Bonas and how has he captured middle-class hearts?

    Who is Oliver Bonas?

    It's the first high-street store to pay its staff the living wage, and it saw out the recession in style
    Earth has 'lost more than half its trees' since humans first started cutting them down

    Axe-wielding Man fells half the world’s trees – leaving us just 422 each

    However, the number of trees may be eight times higher than previously thought
    60 years of Scalextric: Model cars are now stuffed with as much tech as real ones

    60 years of Scalextric

    Model cars are now stuffed with as much tech as real ones
    Theme parks continue to draw in thrill-seekers despite the risks - so why are we so addicted?

    Why are we addicted to theme parks?

    Now that Banksy has unveiled his own dystopian version, Christopher Beanland considers the ups and downs of our endless quest for amusement
    Tourism in Iran: The country will soon be opening up again after years of isolation

    Iran is opening up again to tourists

    After years of isolation, Iran is reopening its embassies abroad. Soon, there'll be the chance for the adventurous to holiday there