A digital rights group is calling on all websites to implement perfect forward secrecy (PFS) after the discovery...
of the “catastrophic” Heartbleed bug that affects most of the internet.
“Perfect forward secrecy is more crucial than ever before,” said the Electronic Frontier Foundation (EFF) in a blog post.
The call comes after researchers revealed that at least two-thirds of websites could be affected by a flaw in the OpenSSL cryptographic library that enables SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encryption.
The security flaw exists in all versions of OpenSSL released between 14 March 2012 and 7 April 2014, when the flaw was fixed with the release of OpenSSL 1.0.1g.
The vulnerable versions of OpenSSL are 1.0.1 up to and including 1.0.1f. But the OpenSSL 1.0.0 branch and 0.9.8 branch are not vulnerable.
The two-year-old flaw compromises the cryptographic keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users, and the actual content.
This means attackers could monitor all data exchanged between a user and a web service or even decrypt past traffic they have collected without anyone being aware of it.
“Now that the details of Heartbleed are public, anyone can use it against servers that have not yet patched the OpenSSL bug and changed SSL certificates,” the EFF said.
The digital rights group said immediate mitigation is needed because it could take weeks or months for developers to deploy new SSL certificates, and certificate revocation systems are unreliable.
“In the meantime, any data you send to affected servers that don't use forward secrecy remains open to eavesdropping and malicious tampering,” the EFF said.
The group warned that if attackers gain access to a website's private SSL key, they can run a fake version of the site and/or steal any information that users send, including passwords and credit card numbers.
Read more on OpenSSL
PFS works by creating a new, disposable key for each exchange of information, so the key for every individual session would have to be decrypted to access the data.
This means that if a server is configured to support PFS, a compromise of its private key cannot be used to decrypt past communications.
PFS ensures protection of encrypted data even if another party obtains decryption keys, adding an extra layer of security to HTTPS encryption.
The introduction of PFS means greater protection of direct private messages, protected tweets and data on what users say, who they comment on and who else they read.
The EFF said: “Although we've patched this bug on EFF's servers and are scrambling to rotate our keys as fast as possible, we're relieved that our potential damage from Heartbleed is lower because we enabled forward secrecy last summer. It's clearly time for other websites to do so as well.”
Security industry representatives have advised the immediate deployment of the fixed version of OpenSSL, warning that as long as the vulnerable version of OpenSSL is in use, it can be abused.
If an immediate update is not possible, software developers are advised to recompile OpenSSL with the compile time option OPENSSL_NO_HEARTBEATS.
Distribution, appliance suppliers, operating system suppliers and independent software suppliers are advised to adopt the fix and notify their users.
Service providers and users are advised to install the fix as it becomes available for the operating systems, networked appliances and software they use.
“To be sure that attackers won't be able to use compromised data, affected providers have to replace the private keys and certificates after patching the vulnerable OpenSSL service for each of the services that are using the OpenSSL library,” said Jaime Blasco, director for security firm AlienVault Labs.
The bug was discovered independently by a Google researcher and Finnish security firm Codenomicon.
The researchers have put up a dedicated site to answer common questions about the bug.