encryption

SSL is dead, long live TLS

https banner image

Secure Socket Layer – SSL – the connection or transport layer protocol developed by Netscape to help secure the web, is now 20 years old.

The original, never released version 1.0 of SSL dates back to 1994 with the first public version, 2.0, being released in February 1995. This was updated the following year by SSL v3.0 which was a substantial overhaul of the protocol and addressed a number of security weaknesses in version 2.0.

Introduction to Perfect Forward Secrecy

Background

The idea of ‘Perfect Forward Secrecy’, or sometimes simply ‘Forward Secrecy’, is that something that in encrypted and so considered ‘secret’ now, should remain encrypted and so not easier discovered in the future. If there is a means whereby the ‘secret’ can be revealed in the future, then there is no ‘forward secrecy’, meaning that while the information may be protected now, it may not be at some future point in time.