Developers behind the Signal encrypted instant messaging app are championing Perfect Forward Secrecy as the most effective encryption protocol. PFS presents hackers with a moving target, by automatically and frequently changing the keys it uses to encrypt and decrypt information. If the latest key is compromised, it exposes only a small portion of the user’s sensitive data. Signal’s new ‘double ratchet’ system goes one stage further – by generating a new encryption key with every message.
Curiously, despite its effectiveness, not all financial and e-commerce websites have yet embraced PFS, leaving them vulnerable to upstream collection attacks. Using a single key to encrypt communications is clearly no longer enough – evidence that in today’s digital world, security researchers can’t ever rest of their laurels.