The NSA Response -- Companies Crank Up Their Encryption

A snapshot of encryption settings across the internet's most popular sites shows a hard push for stronger encryption. The revelations brought on by Edward Snowden have provoked a response by companies to better protect customer data from advanced persistent threats like the US government.

Some notable improvements over the last couple of months:

Companies are moving to elliptic curves. These are generally believed to be strong, although there is some doubt that the NIST provided curves are tamper-free. Elliptic curve technology, implemented properly, is not only stronger than traditional RSA and Diffie-Hellman techniques, but it is faster as well.

TLS 1.2 adoption has rapidly sped up. The TLS 1.2 cipher suites have been available for a long time, but adoption has been slow due to a chicken and egg problem between browser makers and internet services. It was an infinite loop of "the servers don't support it" because "the browsers don't support it" because "the servers don't support it" repeated until security researchers were vomiting with rage.

Galois Counter Mode. A consequence of this rapid adoption of TLS 1.2 has enabled TLS 1.2 cipher suites including AEAD mode ciphers like Galois Counter mode. These ciphers are not only harder against side-channel attacks, but they are more efficient and faster because multiple stages of the encryption can be processed simultaneously.

All of this adds up to very strong encryption with very few known vulnerabilities.

A quick snapshot of popular websites reveals that many companies are taking encryption more seriously than before. These checks were run on the latest betas of Chrome and Firefox configured per our secure browsing guide.

Google, Youtube, Gmail: TLS 1.2, AES-128 in Galois Counter Mode, Elliptic curves (ECDHE)

Twitter: TLS 1.2, AES-128 in Galois Counter Mode, Elliptic Curves (ECDHE)

Wikipedia: TLS 1.2, AES-128 in Galois Counter Mode, RSA

Blogger: TLS 1.2, AES-128 in Galois Counter Mode, Elliptic Curves (ECDHE)

Facebook: TLS 1.2, AES-128 in Galois Counter Mode, Elliptic Curves (ECDHE)

Microsoft, Live.com: TLS 1.0, RC4-128, RSA (RC4 is a weak stream cipher that is no longer recommended for use)

Outlook: TLS 1.0, AES-128-CBC, RSA (the combination of TLS 1.0 and AES in Cipher Block Chaining mode is a known vulnerability to the BEAST attack)

Yahoo: TLS 1.0, AES-256-CBC, RSA (the combination of TLS 1.0 and AES in Cipher Block Chaining mode is a known vulnerability to the BEAST attack)

So aside from Microsoft and Yahoo being generally terrible about encryption, the most popular sites on the net have undoubtedly cranked up their encryption settings.

It is important to understand that while stronger encryption is noteworthy, and the companies certainly appear to be taking security a lot more seriously than just two years ago... They can still hand over their keys to other parties or intentionally use weak random number generators to give a false sense of security. Knowing this caveat, it is still good to see wide adoption of TLS 1.2 for the smaller companies that have wanted to implement measures like this for years but have been unable to due to browser restrictions.


< last
next >