Mozilla Increases Security in Firefox

Wednesday, September 20, 2017 @ 11:09 AM gHale


Mozilla will use a new key establishment algorithm in Firefox in an effort to hike the browser’s security.

Curve25519 is the algorithm which is a high-security elliptic-curve-Diffie-Hellman function suitable for a wide variety of cryptographic applications.

RELATED STORIES
FTP Sites get ‘Not secure’ Label with Chrome
Chrome Attack is a RAT
Chrome RCE Vulnerability Released
Chrome 60 Now Available

The public key cryptography can garner higher speeds and also bring free key compression, free key validation, and timing-attack protection, said Curve25519 designer, Daniel Julius Bernstein in a paper.

Widely used for key-exchange in TLS, Curve25519 just became a standard by the Internet Engineering Task Force (IETF). Mozilla has already implemented the algorithm in its Firefox Nightly, and expects Firefox 57, which should come out in November, to carry the features.

The implementation of Curve25519 into Firefox is the result of a collaboration with INRIA (French Institute for Research in Computer Science and Automation) and Project Everest (Microsoft Research, Carnegie Mellon University, INRIA).

As a result of the partnership, Mozilla aims to have the first major web browser to have formally verified cryptographic primitives.

INRIA said the enhancement should hike the overall security of Firefox and its users, given that the key exchange algorithm has been already verified.



Leave a Reply

You must be logged in to post a comment.