Google is the only major web company to offer "forward secrecy" encryption

Jun 27, 2013 14:55 GMT

Online encryption has been around for as long as the web itself, but it has never seemed as pertinent as it does now.

With the NSA and other spy organizations tapping into the Internet's main pipes and hoovering up everything that looks interesting, even if they can't do anything with it now, encrypting online communications seems like the wise thing to do.

Of course, many websites use encryption; everything that is transported over HTTPS connections is encrypted. But not all encryption is created equal.

In fact, only a few companies today use the absolute best form of encryption, one that doesn't just protect you from eavesdroppers now, but also five years from now.

The problem with digital encryption is that it becomes obsolete rather quickly. Methods that were seemingly impossible to crack a decade ago can now be bypassed with a regular laptop.

Likewise, most encryption used by websites today can't be broken, possibly not even by the NSA. But the NSA stores all your communications, encrypted or not, and five years down the line it may easily be able to find out what you said.

One solution to this is the so-called "forward secrecy." Normally, encrypted channels use a single key for all users and for all sessions. If that key is discovered, all the data from all the users becomes easily decryptable.

There is a better way though; instead of using a single key, websites could use one key per user per session. That way, if one key is compromised, all an attacker would get is access to the data sent by a user during one session, a few emails for example, not the entire archive.
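The difference can be shown in a few lines. The following is an added example, not code from the article or from any of the companies mentioned: it models the single-key case as a server that reuses one long-term Diffie-Hellman key for every session, and forward secrecy as a fresh server key per session. The group size, the toy cipher and all function names are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy-sized Diffie-Hellman group (2**127 - 1 is prime), an assumption so the demo
# runs instantly; real deployments use 2048-bit+ groups or elliptic curves.
P = 2**127 - 1
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(own_priv, peer_pub):
    shared = pow(peer_pub, own_priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def xor_stream(key, data):
    # Constructed toy cipher: SHA-256 in counter mode as keystream (encrypt == decrypt).
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def record_sessions(server_long_term_priv, messages, forward_secret):
    """Run one handshake per message; return what a passive wiretap would store."""
    recorded = []
    for msg in messages:
        client_priv, client_pub = keypair()
        # Forward secrecy: a fresh server key per session, discarded afterwards.
        # Without it, the same long-term key protects every session.
        server_priv = keypair()[0] if forward_secret else server_long_term_priv
        server_pub = pow(G, server_priv, P)
        key = session_key(client_priv, server_pub)           # client side
        assert key == session_key(server_priv, client_pub)   # server derives the same key
        recorded.append((client_pub, server_pub, xor_stream(key, msg)))
    return recorded

def decrypt_archive(recorded, long_term_priv):
    """What the stored traffic yields once the long-term key is exposed years later."""
    return [xor_stream(session_key(long_term_priv, client_pub), ciphertext)
            for client_pub, _server_pub, ciphertext in recorded]

if __name__ == "__main__":
    mails = [b"mail one", b"mail two", b"mail three"]   # constructed sample data
    long_term, _ = keypair()
    for fs in (False, True):
        tap = record_sessions(long_term, mails, forward_secret=fs)
        print("forward secrecy:", fs, "archive readable:", decrypt_archive(tap, long_term) == mails)
```

In a real forward-secret TLS handshake the long-term key is still used, but only to sign the per-session public value, so its later exposure does not reveal past session keys.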

Currently, only very few major websites use this method, for a simple reason – it's slower. Google implemented it in 2011 and remains the only major provider to do so. However, CNET has revealed that Facebook is about to unveil a similar system for its users.