Most major sites that support HTTPS, such as Facebook and
Twitter, do so in a non-forward secret fashion. What this means is that
encrypted, normally unreadable email could be recorded while being delivered
to a computer today and decrypted in the future by knowledgeable attackers, when
computers become much faster.
To combat what it calls "retrospective decryption,"
Google is using forward secrecy, which requires that the private keys for a
connection are not kept in persistent storage.
So when an adversary breaks a
single key, he or she will no longer be able to decrypt months' worth of
connections. Moreover, server operators themselves won't be able to decrypt
HTTPS sessions in the future.
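The difference between the two handshake styles can be shown with a small model. This is an added example, not code from Google or OpenSSL: it uses textbook RSA and finite-field Diffie-Hellman with toy-sized parameters as a stand-in for the elliptic-curve exchange, and all names and constants in it are constructed for illustration.

```python
import hashlib
import secrets

# Toy parameters, constructed for this example; far too small for real use.
DH_P, DH_G = 2**127 - 1, 3                 # finite-field DH group (stand-in for the curve)
RSA_P, RSA_Q, RSA_E = 2**61 - 1, 2**31 - 1, 65537
RSA_N = RSA_P * RSA_Q
RSA_D = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))   # server's long-term private key


def rsa_key_transport_session():
    """Non-forward-secret: the client encrypts the session key to the long-term key."""
    session_key = secrets.randbelow(2**64)
    recorded = {"kex": "RSA", "values": [pow(session_key, RSA_E, RSA_N)]}
    return session_key, recorded


def ephemeral_dh_session():
    """Forward-secret: the long-term key only signs; the secret comes from throwaway values."""
    a = secrets.randbelow(DH_P - 2) + 1     # client ephemeral private value
    b = secrets.randbelow(DH_P - 2) + 1     # server ephemeral private value
    A, B = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    digest = int.from_bytes(hashlib.sha256(str(B).encode()).digest(), "big") % RSA_N
    signature = pow(digest, RSA_D, RSA_N)           # server authenticates B
    assert pow(signature, RSA_E, RSA_N) == digest   # client verifies it
    session_key = pow(B, a, DH_P)
    assert session_key == pow(A, b, DH_P)           # both sides derive the same secret
    # a and b go out of scope here: nothing able to rebuild session_key is stored.
    return session_key, {"kex": "DHE_RSA", "values": [A, B, signature]}


def retrospective_decrypt(recorded, stolen_private_key):
    """Everything a later thief of the long-term key can compute from a recording."""
    return {pow(v % RSA_N, stolen_private_key, RSA_N) for v in recorded["values"]}


if __name__ == "__main__":
    for handshake in (rsa_key_transport_session, ephemeral_dh_session):
        key, recorded = handshake()
        exposed = key in retrospective_decrypt(recorded, RSA_D)
        print(recorded["kex"], "session key recovered later:", exposed)
```

In the RSA case the recorded handshake alone is enough once the private key leaks; in the ephemeral case the long-term key never enters the key derivation, so the recording stays useless to its holder.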
Google said forward secret HTTPS is now live for Gmail
and many other Google HTTPS services such as SSL Search, Docs and Google+.
Google's Chrome, Mozilla's Firefox and Microsoft's
Internet Explorer (Vista or later) Web browsers support forward secrecy using elliptic curve Diffie-Hellman (ECDHE), a
key agreement protocol that allows two parties, each possessing an elliptic curve
public-private key pair, to establish a shared secret over an insecure channel.
Only Chrome and Firefox will initially use it by default with Google services
because IE doesn't support the combination of ECDHE and the RC4
software stream cipher.
Users can check
whether they have forward secret connections in Chrome by clicking on the green
padlock in the address bar of HTTPS sites. Google's forward secret connections
will have a key exchange mechanism of ECDHE_RSA.
Google Security team member Adam Langley
also said Google has released the work that it did on the open-source OpenSSL
library that led to forward secrecy HTTPS encryption.
"We would very much like to see forward secrecy
become the norm and hope that our deployment serves as a demonstration of the
practicality of that vision," added Langley, who provided more detail of Google's security move on his personal blog.
Google's security team has been very active in trying to thwart some of the more mainstream attacks on its Web services.
Google in April began work on two security projects to improve the public key infrastructure, which was rocked by the Comodo digital certificate spoofing incident in March.
The Google Certificate Catalog is a database of all of the SSL
certificates Google's Web crawlers record in the DNS for the company's
search engine and Web services. The DANE Working Group at the IETF is
intended to allow domain operators to publish information about SSL
certificates used on their hosts.