On the heels of the US PRISM scandal, private search engines Ixquick and its partner site StartPage are leveraging new encryption methods that offer higher levels of security beyond the standard SSL encryption.
With a combined four millions searches daily, Ixquick and StartPage boast they are the first search engines in the world to employ “Perfect Forward Secrecy” (PFS) along with TLS 1.1. and 1.2, creating a more secure network around their search traffic data.
“We’re setting the standard for encryption in the post-PRISM world,” claims StartPage developer and privacy expert Dr. Katherine Albrecht.
PFS encrypts large amounts of data by using different “per-session” keys for individual data transfers, making it impossible to decrypt a website’s full library of files with a single “private key” as can happen with an SSL encryption.
According to the announcement:
With SSL alone, if a target website’s “private key” can be obtained once in the future – perhaps through court order, social engineering, attack against the website, or cryptanalysis – that same key can then be used to unlock all other historical traffic of the affected website. For larger Internet services, that could expose the private data of millions of people.
PFS offers websites an extra layer of protection, “…even if a site’s private SSL key is compromised, data that was previously transmitted is still safe.” If someone, or an organization, wanted to decrypt files secured via PFS, they would have to decrypt each individual file – a time consuming task when trying to decrypt large quantities of data.
StartPage and Ixquick implemented PFS earlier this month in combination with TLS 1.1. and 1.2, an upgraded form of SSL encryption that establishes a secure “tunnel” where search traffic cannot be intercepted.