Perfect Forward Secrecy: Future-proof encryption for websites


Whistleblower Edward Snowden's revelations have shown that the NSA collects data on a massive scale. Although it cannot decrypt some of this information today, it might be able to in the future. Webmasters can act now to protect themselves and their visitors from tomorrow's decryption.

Edward Snowden has shown the world that no data is safe from the intelligence services. As a precautionary measure, they collect all the information they come across. Some of this data is encrypted, for example when it travels over an HTTPS connection. This includes traffic from websites that transmit sensitive information, such as purchasing a product, logging in to an email account or using home banking. All of this data is intercepted, even though it is unusable today. In a few years, intelligence services could decrypt it.

The vulnerability of HTTPS

What exactly is meant by Perfect Forward Secrecy, PFS for short? To explain the term, it is first necessary to explain how SSL encryption works, which is used on websites where sensitive data is transmitted.

When visiting our website, a small lock becomes visible in the search bar of the web browser. A click on the lock opens information about the SSL certificate. With another click, you can view information about the certificate, including, for example, the expiration date.

Virtually any website can use SSL certificates. They differ in

- their encryption,
- whether they are domain-validated or identity-validated, and
- how high their browser compatibility is.

There are also three certificate types:

1. Single
2. Wildcard
3. Multi-domain

The SSL certificate works as follows: The user surfs a web page, for example His browser contacts the server, which presents a public key issued by the certification authority. The browser checks the signature of the certification authority. If this is correct, it exchanges data with All data will be transmitted encrypted from now on.

Perfect Forward Secrecy as protection against the methods of tomorrow

For the encrypted transmission of an HTTPS session, the browser proposes a secret session key each time. The server confirms this key.

The problem with this method is that intelligence services like the NSA can record the transmission of the key. In the foreseeable future it could become possible for them to decrypt it. This would enable them to read all data transmitted on

There have been problems with HTTPS in the past. The Heartbleed bug, which had exposed websites to major security vulnerabilities since 2011, affected two out of three websites on the Internet. Heartbleed was a programming bug in the OpenSSL software. It gave attackers who connected via HTTPS to a server running a vulnerable version of OpenSSL access to 64 KB of private memory. The attack leaked server cookies, passwords and e-mail addresses. Major services such as Yahoo Mail and LastPass were affected.

The solution for such scenarios is Perfect Forward Secrecy: With the so-called Diffie-Hellman method, the two communication partners - in this case web browser and server - agree on a temporary session key. This key is never transmitted. Once the session is completed, the key is destroyed.
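The difference between the two key exchanges described above, as an added example that is not part of the original article: a Python sketch with toy-sized textbook RSA and Diffie-Hellman. All parameters and function names are constructed for illustration; real TLS uses vetted libraries and far larger or elliptic-curve groups.

```python
import hashlib
import secrets

# Toy parameters constructed for this example; far too small for real use.
DH_P = 2**127 - 1                      # prime modulus for Diffie-Hellman
DH_G = 3                               # public base
RSA_N = (2**61 - 1) * (2**89 - 1)      # server's long-term RSA modulus
RSA_E = 65537                          # public exponent (in the certificate)
RSA_D = pow(RSA_E, -1, (2**61 - 2) * (2**89 - 2))  # long-term private key


def rsa_key_transport():
    """Without PFS: the browser picks the session key and sends it
    encrypted under the server's long-term public key."""
    session_key = secrets.randbits(128)
    recorded = pow(session_key, RSA_E, RSA_N)   # what an eavesdropper stores
    return session_key, recorded


def decrypt_recording(recorded, leaked_private_key):
    """Years later: the long-term private key leaks and the recording opens."""
    return pow(recorded, leaked_private_key, RSA_N)


def _digest(value):
    """Hash an integer into the RSA message space (toy signature padding)."""
    h = hashlib.sha256(str(value).encode()).digest()
    return int.from_bytes(h, "big") % RSA_N


def ephemeral_dh():
    """With PFS: both sides draw fresh secrets per session. The long-term
    key only signs the server's public DH value; it never encrypts the key."""
    a = secrets.randbelow(DH_P - 3) + 2         # browser secret, discarded after use
    b = secrets.randbelow(DH_P - 3) + 2         # server secret, discarded after use
    A, B = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    signature = pow(_digest(B), RSA_D, RSA_N)   # server authenticates B
    assert pow(signature, RSA_E, RSA_N) == _digest(B)   # browser's check
    key_browser, key_server = pow(B, a, DH_P), pow(A, b, DH_P)
    recorded = (A, B, signature)                # everything sent on the wire
    return key_browser, key_server, recorded


if __name__ == "__main__":
    key, rec = rsa_key_transport()
    print("RSA transport, key recovered from recording:",
          decrypt_recording(rec, RSA_D) == key)
    kb, ks, rec = ephemeral_dh()
    print("DH keys match:", kb == ks, "| key on the wire:", kb in rec)
```

In the Diffie-Hellman case a leaked long-term key only lets its holder forge the signature in future sessions, which is the man-in-the-middle scenario; it does not open recordings of past sessions.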

PFS in practice and the future

Unfortunately, there are two pieces of bad news:

1. Currently, only a few websites use PFS.
2. All previously exchanged data can no longer be encrypted after the fact.

Nevertheless, websites should implement Perfect Forward Secrecy at least from now on, to ensure that no data can be read sooner or later despite encryption.

Ivan Ristic of Security Labs recommends the following suites for the implementation of PFS:


Webmasters can test their website on and then decide on appropriate action.

Following the implementation of Perfect Forward Secrecy, services such as the NSA and BND can only read data using man-in-the-middle attacks. In all other cases, PFS will be a big thorn in the side of eavesdroppers.

