company. Google. changed the encryption method of your HTTPS- services, including Gmail, Docs, and. Google. In order to ensure the safety and security of information in the future. According to the corporation, the new encryption will prevent access to users' information, even when technological advances will be much better IT.
Today, most services use HTTPS- encrypted private key known only to the domain owner, which allows to generate session keys used to encrypt the traffic between servers and clients.
This approach prevents the possibility of decryption Google users. According to Adam Langley (Adam Langley), a member of the security team and Google, this step was necessary, t. to. in the next 10 years, when computers become faster, the attackers would be able to crack the secret key to decrypt the data server and e-mail.
In order to mitigate the damage that could be brought to the company, as well as improve security, Google introduced a new cryptographic system, which includes the use of multiple private keys to encrypt the session and remove them after a certain period of time.
Thus, an attacker who wants to break or steal the key, will not be able to recover most of the traffic. As noted by Langley, even the administration server can not decrypt the traffic to HTTPS ' afterthought '.
No comments:
Post a Comment