Saturday, November 26, 2011

Google Modifies its HTTPS Encryption Method for its Services

Google has modified its HTTPS for its services which use it. This was done for the future when technologies can decrypt general HTTPS.

Instead of just giving the user a private security key. Google's modified HTTPS will delete and create new private keys so they are never the same.

What this will do is stop the attacker from getting anywhere. If they get one key they won't have much because new keys are made. They won't get much data. Even the server admin won't be able to decrypt the HTTPS after its set. Google had to design an extension to support this method since SSL doesn't support it.

Google's modified HTTPS doesn't work in IE. It currently only works in Chrome and Firefox. Google is planning on making it work on IE in the future.

This new HTTPS is very interesting. I think it could make security much stronger. Google just needs to make sure their new method can't be countered.

No comments:

Post a Comment