Microsoft enhances encryption amid concerns of government surveillance

Share this article:

Microsoft announced on Wednesday that it would be improving and expanding its security to protect customer data, an initiative several companies – Google, Yahoo and Twitter, to name a few – have undertaken in recent days amid growing concerns of government surveillance.

The technology and computer software giant will be expanding encryption across services and reinforcing legal protections over customer data, Brad Smith, executive vice president and general counsel at Microsoft, wrote in a blog post. He added that the company would increase transparency of its software code so customers can confirm that products do not contain back doors.

“While we have no direct evidence that customer data has been breached by unauthorized government access, we don't want to take any chances and are addressing this issue head on,” Smith wrote. “Therefore, we will pursue a comprehensive engineering effort to strengthen the encryption of customer data across our networks and services.”

The effort extends to major services – such as, Office 365, SkyDrive and Windows Azure – but also includes customer-created content. This means content moving between customers is encrypted by default, content will be encrypted as it moves between data centers, and content that is stored by Microsoft will be encrypted.

“We will use best-in-class industry cryptography to protect these channels, including perfect forward secrecy and 2048-bit key lengths,” Smith wrote. “All of this will be in place by the end of 2014, and much of it is effective immediately.”

Seth Schoen, a senior staff technologist with the Electronic Frontier Foundation, previously explained to that forward secrecy is an encryption technique that takes advantage of a cryptographic key exchange known as Diffie-Hellman – meaning there is no single master key to decrypt data.

Microblogging website Twitter adopted forward secrecy in late November. Facebook, Dropbox and Tumblr are some of the other companies that have also implemented forward secrecy, but the initiative is not as widespread as it should be, Schoen said, because it is very computationally intensive.

Schoen told on Thursday that he was happy about the Microsoft announcement, but he added, “Microsoft has a significant role in many different parts of the computer and communications industry, so there are many unanswered questions about its role in facilitating surveillance – or protecting users' security about different kinds of threats.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Researchers observe more than a hundred connections to 'Backoff' sinkhole

Researchers with Kaspersky Lab were able to sinkhole two command-and-control servers used by certain Backoff point-of-sale malware samples.

Judge lifts stay but Microsoft won't hand over emails during appeal

A judge has lifted a suspension of a previous order compelling Microsoft to hand over customer emails stored on a server in Ireland.

Home Depot investigates possible payment card breach

Home Depot investigates possible payment card breach

Home Depot said on Tuesday that it is working with its banking partners and law enforcement to investigate a possible data breach.