Facebook is said to be preparing to deploy an improved level of security on its website that would make it increasingly difficult for hackers (or government spies) to listen into internet communications.
The technique, known as Forward Secrecy has been around for a couple of decades, but is currently only used by one major internet company — Google.
The technique avoids the use of a single master key for all secure internet communications, replacing it with an different key for each connection. That adds to the company’s server processing load, but means that there is no longer a single master key route into the communications.
The main advantage of Forward Secrecy is that it also means that if an encrypted message is recorded today, it still cannot be decrypted in the future when hackers computers get more powerful. As Google noted when it adopted the technique in 2011, an adversary that breaks a single key will no longer be able to decrypt months’ worth of connections; in fact, not even the server operator will be able to retroactively decrypt HTTPS sessions.
A person familiar with the development told Cnet that Facebook has enabled some encryption techniques that use forward secrecy, but has not made them the default.
It is however is planning to enable it for users soon, the source added.