The SSH File Transfer Protocol (SFTP, often expanded as the Secure File Transfer Protocol) has been a fixture of the internet since it was first drafted in the late 1990s. And while its predecessor, FTP, will likely fade from use in the near future, SFTP servers are still going strong.
Because of this heavy usage, we expect SFTP to keep evolving to fit the changing needs of data security and transfer efficiency. In this article, we explore the current state of SFTP and its likely evolution, to help you plan your architecture for the future.
The current state of SFTP
SSH-secured traffic is among the largest categories of encrypted traffic after HTTP/S, and SFTP is the most widely used and trusted method for securely transferring files between two hosts. The protocol’s popularity stems from running inside the SSH transport, which encrypts and authenticates both commands and data: an eavesdropper sees only ciphertext, and the client verifies the server’s host key before any credentials or file contents are sent. Because SSH negotiates its key-exchange, cipher and MAC algorithms on every connection, weak algorithms can be retired and new ones introduced as threats and vulnerabilities emerge, which is likely to keep SFTP the dominant secure file transfer protocol for years to come.
What are SFTP’s core features?
Key features of modern SFTP servers include:
- Strong encryption: SFTP runs over the SSH transport, so every transfer is encrypted with the cipher the two sides negotiate (typically AES-256 in GCM or CTR mode, or ChaCha20-Poly1305). Most SFTP servers let administrators restrict which key-exchange, cipher and MAC algorithms are allowed and which host-key types are offered, from Ed25519 and RSA keys of 3072 bits and up to ECDSA on the 521-bit P-521 curve.
- Authentication mechanisms: SSH authenticates both parties. The client checks the server against a known host key before sending credentials, and the server authenticates the client by password, public key or SSH certificate. With key- or certificate-based authentication, administrators can confirm that every connecting client holds an authorized private key, and can disable password logins altogether.
- Integrity checking: the SSH transport protects every packet with a keyed message authentication code (such as HMAC-SHA2) or an authenticated cipher, together with a sequence number, so the receiver detects any packet that was modified, replayed or dropped in transit.
- Firewall-friendly nature: SFTP multiplexes control and data over a single TCP connection (port 22 by default, though you can run it on any port), so there is no separate data channel to open through a firewall, unlike FTP’s active and passive modes.
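The features above are only as strong as the SSH server configuration underneath them, so the first thing a practitioner checks is the `sshd_config`. The following is an added example, not code from this page or from Cerberus by Redwood: it parses an OpenSSH-style `sshd_config` and flags password-only authentication, root login, legacy ciphers and MACs, the cipher/MAC combinations the Terrapin attack relies on, and SFTP accounts that are not confined to `internal-sftp` inside a chroot. Both configurations are constructed samples; the hardened one shows the settings an SFTP-only server would use.

```python
"""Audit an sshd_config for an SFTP-only server (added example, not Cerberus code)."""
from __future__ import annotations

# Constructed sample: a permissive configuration beside a hardened SFTP-only one.
WEAK_CONFIG = """\
Port 22
PasswordAuthentication yes
PermitRootLogin yes
Ciphers aes128-cbc,3des-cbc,aes256-ctr
MACs hmac-sha1-etm@openssh.com,hmac-md5
Subsystem sftp /usr/lib/openssh/sftp-server
"""

HARDENED_CONFIG = """\
Port 22
PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin no
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org
Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
Subsystem sftp internal-sftp
# Accounts in this group get the in-process SFTP server, a chroot and nothing else.
Match Group sftponly
    ChrootDirectory /srv/sftp/%u
    ForceCommand internal-sftp
    AllowTcpForwarding no
    X11Forwarding no
"""

WEAK_CIPHER_MARKERS = ("cbc", "3des", "arcfour", "blowfish", "cast128")
WEAK_MAC_MARKERS = ("hmac-md5", "hmac-sha1", "-96")


def parse_sshd_config(text: str) -> tuple[dict[str, str], list[dict[str, str]]]:
    """Split sshd_config into global options and a list of Match blocks.

    Keywords are case-insensitive, so they are lower-cased. sshd uses the first
    value it sees for a repeated keyword, and this parser does the same.
    """
    global_opts: dict[str, str] = {}
    match_blocks: list[dict[str, str]] = []
    current = global_opts
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":
            current = {"match": value}           # a Match line opens a new block
            match_blocks.append(current)
            continue
        current.setdefault(keyword, value)
    return global_opts, match_blocks


def _csv(value: str) -> list[str]:
    return [item.strip().lower() for item in value.split(",") if item.strip()]


def _confines(block: dict[str, str]) -> bool:
    """True when a block forces the in-process SFTP server inside a chroot."""
    return block.get("forcecommand", "").lower() == "internal-sftp" and "chrootdirectory" in block


def audit(text: str) -> list[str]:
    """Return a list of findings; an empty list means nothing obvious is wrong."""
    opts, matches = parse_sshd_config(text)
    findings: list[str] = []

    # OpenSSH defaults: PasswordAuthentication yes, PermitRootLogin prohibit-password.
    if opts.get("passwordauthentication", "yes").lower() == "yes":
        findings.append("PasswordAuthentication is on: prefer public-key or certificate authentication")
    if opts.get("permitrootlogin", "prohibit-password").lower() == "yes":
        findings.append("PermitRootLogin yes: root should not log in over SSH")

    # An empty list means the server's compiled-in defaults, which this audit cannot see.
    ciphers = _csv(opts.get("ciphers", ""))
    macs = _csv(opts.get("macs", ""))
    weak_ciphers = [c for c in ciphers if any(m in c for m in WEAK_CIPHER_MARKERS)]
    if weak_ciphers:
        findings.append("weak ciphers enabled: " + ",".join(weak_ciphers))
    weak_macs = [m for m in macs if any(w in m for w in WEAK_MAC_MARKERS)]
    if weak_macs:
        findings.append("weak MACs enabled: " + ",".join(weak_macs))

    # Terrapin (CVE-2023-48795) targets ChaCha20-Poly1305 and any CBC cipher paired with
    # an encrypt-then-MAC MAC, unless both peers implement the strict key exchange fix.
    cbc_with_etm = any("cbc" in c for c in ciphers) and any("-etm@" in m for m in macs)
    if "chacha20-poly1305@openssh.com" in ciphers or cbc_with_etm:
        findings.append("Terrapin-affected cipher/MAC combination: safe only if both peers support strict kex")

    if not (_confines(opts) or any(_confines(b) for b in matches)):
        findings.append("no ForceCommand internal-sftp plus ChrootDirectory: SFTP accounts get a shell and the whole filesystem")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit(cfg) or ["no findings"])
```

Run it against a real file with `audit(open("/etc/ssh/sshd_config").read())`; an empty `Ciphers` or `MACs` line means the server is using its compiled-in defaults, which differ by version and are outside what a text audit can judge.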
What are SFTP’s limitations?
SFTP is not a perfect fit for all use cases, and does have some limitations:
- Transfer speed: SSH adds per-packet encryption and MAC overhead, and it runs its own flow control (a per-channel window) on top of a single TCP connection. On high-latency links the channel window, not the cipher, is usually the bottleneck: the sender cannot have more than one window of data in flight per round trip, so throughput is capped at roughly the window size divided by the RTT no matter how much bandwidth is available. That cap, together with the cipher and MAC work on both ends, makes SFTP slower than lighter protocols.
- Cloud storage operations: cloud object stores do not map cleanly onto SFTP’s file semantics, so providers may not support every operation, which can challenge organizations operating in distributed environments. Azure, for example, does not support random writes or file recovery via SFTP.
- Compatibility: the SFTP protocol was never finalized as an RFC. It exists only as a series of IETF drafts, and almost all deployed clients and servers implement protocol version 3 from an early draft, with vendor extensions layered on top. As a result SFTP lacks the standardization of HTTP/S or FTP/S-based connections: a legacy system may offer no mutually supported connection method, and not every command or extension is supported by every SFTP implementation.
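The compatibility point above comes down to the very first exchange on the channel: the client sends `SSH_FXP_INIT` with the highest version it speaks, the server answers `SSH_FXP_VERSION` with the version it will use plus a list of named extensions, and everything the client can do afterwards depends on that answer. The following is an added example, not code from this page or from Cerberus by Redwood: it encodes and decodes both packets from the draft wire format (uint32 length, type byte, big-endian fields, length-prefixed strings), applies the draft-02 rule that the server replies with the lower of the two versions, and rejects truncated packets. The extension list is a constructed sample modelled on names OpenSSH advertises; a real server’s list will differ.

```python
"""Encode and decode the SFTP version handshake (added example, not Cerberus code)."""
import struct

SSH_FXP_INIT = 1       # client -> server, carries the client's protocol version
SSH_FXP_VERSION = 2    # server -> client, carries the agreed version plus extensions
VERSION_3 = 3          # draft-ietf-secsh-filexfer-02, what nearly everything deploys
VERSION_6 = 6          # draft-ietf-secsh-filexfer-13 (2006), rarely implemented


def _string(data: bytes) -> bytes:
    """SFTP 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def _frame(payload: bytes) -> bytes:
    """Every SFTP packet is uint32 length, then the type byte and payload."""
    return struct.pack(">I", len(payload)) + payload


def build_init(version: int = VERSION_3) -> bytes:
    """SSH_FXP_INIT: the client announces the highest version it supports."""
    return _frame(struct.pack(">BI", SSH_FXP_INIT, version))


def build_version(version: int, extensions: dict[str, str]) -> bytes:
    """SSH_FXP_VERSION: agreed version, then (name, data) extension pairs."""
    body = struct.pack(">BI", SSH_FXP_VERSION, version)
    for name, data in extensions.items():
        body += _string(name.encode()) + _string(data.encode())
    return _frame(body)


def negotiate(client_version: int, server_max: int) -> int:
    """draft-02 rule: the server replies with the lower of the two versions."""
    return min(client_version, server_max)


def _read_string(buf: bytes, off: int) -> tuple[bytes, int]:
    if off + 4 > len(buf):
        raise ValueError("string length field runs past packet end")
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("string body runs past packet end")
    return buf[off:off + n], off + n


def parse_version(packet: bytes) -> tuple[int, dict[str, str]]:
    """Decode SSH_FXP_VERSION, rejecting truncated or oversized packets."""
    if len(packet) < 4:
        raise ValueError("no length field")
    (length,) = struct.unpack(">I", packet[:4])
    body = packet[4:4 + length]
    if len(body) != length or length < 5:
        raise ValueError("truncated or malformed SFTP packet")
    ptype, version = struct.unpack(">BI", body[:5])
    if ptype != SSH_FXP_VERSION:
        raise ValueError(f"expected SSH_FXP_VERSION (2), got type {ptype}")
    extensions: dict[str, str] = {}
    off = 5
    while off < len(body):
        name, off = _read_string(body, off)
        data, off = _read_string(body, off)
        extensions[name.decode("utf-8")] = data.decode("utf-8", "replace")
    return version, extensions


# Constructed sample of the extension list an OpenSSH-style server might advertise.
SAMPLE_EXTENSIONS = {
    "posix-rename@openssh.com": "1",
    "statvfs@openssh.com": "2",
    "hardlink@openssh.com": "1",
    "fsync@openssh.com": "1",
}


def handshake(client_version: int, server_max: int,
              server_extensions: dict[str, str]) -> tuple[int, dict[str, str]]:
    """Run both sides of the exchange in-process and return what the client learns."""
    init = build_init(client_version)
    (_, requested) = struct.unpack(">BI", init[4:9])        # server reads the INIT
    reply = build_version(negotiate(requested, server_max), server_extensions)
    return parse_version(reply)                              # client reads the VERSION


if __name__ == "__main__":
    # A version-6 client meeting a version-3 server ends up speaking version 3.
    print(handshake(VERSION_6, VERSION_3, SAMPLE_EXTENSIONS))
```

A client that wants atomic renames should look for `posix-rename@openssh.com` in the returned extension map rather than assuming it; that lookup is exactly the compatibility check the text describes, and a packet whose declared length disagrees with its actual size is refused before any field is trusted.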
How will SFTP evolve?
The IETF’s most recent draft of the SFTP specification (draft-ietf-secsh-filexfer-13) dates back to 2006, and it was never published as an RFC. Because much has changed on the internet since then, we expect SFTP servers to evolve in several ways:
- Enhanced security: future versions of SFTP will likely incorporate stronger algorithms and authentication methods to counter emerging threats. SFTP’s security rests on the SSH transport’s encryption and on the public-key signatures used for authentication, and both areas will continue to see discovered vulnerabilities. For example, the Terrapin attack showed that an attacker in the network path could delete messages from the start of the encrypted SSH channel without detection and so downgrade the connection’s security, a weakness in the SSH handshake rather than in any cipher. Separately, researchers have shown that an RSA host key can be recovered from a single faulty signature produced by a computational error during signing, when the server does not verify its own signatures before sending them. Cerberus by Redwood’s SFTP Server is not affected by these particular attacks, but other SFTP servers are, and the broader goal is to keep evolving the standards to eliminate such classes of weakness.
- Improved performance: developers are working on faster SFTP transfers, especially for large files and high-volume workloads. “High Performance SSH” (HPN-SSH), a set of patches to OpenSSH, is one example: it enlarges the SSH channel window so that the window is no longer the bottleneck on long, fast links, and it spreads cipher work across threads. Building consensus on such changes will take time, but the work is in progress.
- Better integration: we can expect tighter integration between SFTP and cloud services and modern hybrid IT infrastructures, given the growth of those platforms. The core integration challenge today is the number of providers and the not-quite-standardized implementation of SFTP servers, but as the ecosystem matures it will likely settle on a common implementation model that may include some additional standardization.
- Move toward SSH3 and HTTP/3: an Internet-Draft submitted to the IETF proposes “SSH3”, which runs SSH semantics over HTTP/3 and QUIC (and therefore over UDP rather than a TCP connection). The work is still experimental, but it is clear that SSH (and SFTP with it) will continue to evolve.
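The transfer-speed limitation and the HPN-SSH work both come down to the SSH channel window, so it is worth putting numbers on it. The following is an added example, not code from this page or from Cerberus by Redwood: it models a single SSH channel whose sender can have at most one window of unacknowledged data in flight per round trip, computes the throughput ceiling that implies, and compares OpenSSH’s default 2 MiB window with an enlarged one over a 1 Gbit/s link with 100 ms RTT (a constructed scenario; the 64 MiB enlarged window is an assumption, not an HPN-SSH figure). Setup time and cipher cost are deliberately ignored.

```python
"""Model the SSH channel-window throughput bound (added example, not Cerberus code)."""

# OpenSSH's default per-channel window (CHAN_SES_WINDOW_DEFAULT, 64 x 32 KiB).
DEFAULT_WINDOW_BYTES = 2 * 1024 * 1024


def window_bound_bps(window_bytes: int, rtt_s: float) -> float:
    """Bits per second one SSH channel can move given only its flow-control window.

    The sender may have at most one window of unacknowledged data; the receiver's
    SSH_MSG_CHANNEL_WINDOW_ADJUST arrives one round trip later, so at most one
    window per RTT crosses the link however fast the link itself is.
    """
    return window_bytes * 8 / rtt_s


def max_throughput_bps(window_bytes: int, rtt_s: float, link_bps: float) -> float:
    """Throughput is the smaller of the link rate and the window bound."""
    return min(link_bps, window_bound_bps(window_bytes, rtt_s))


def window_needed_bytes(link_bps: float, rtt_s: float) -> int:
    """Bandwidth-delay product: the window that lets one channel fill the link."""
    return round(link_bps * rtt_s / 8)


def transfer_seconds(file_bytes: int, window_bytes: int, rtt_s: float, link_bps: float) -> float:
    """Time to push file_bytes through one channel, ignoring setup and cipher cost."""
    return file_bytes * 8 / max_throughput_bps(window_bytes, rtt_s, link_bps)


def compare(file_bytes: int, rtt_s: float, link_bps: float, big_window_bytes: int) -> dict[str, float]:
    """Default window versus an enlarged one (the knob HPN-SSH style patches turn)."""
    return {
        "default_window_s": transfer_seconds(file_bytes, DEFAULT_WINDOW_BYTES, rtt_s, link_bps),
        "big_window_s": transfer_seconds(file_bytes, big_window_bytes, rtt_s, link_bps),
        "window_needed_bytes": window_needed_bytes(link_bps, rtt_s),
    }


if __name__ == "__main__":
    # Constructed scenario: 1 GiB file, 100 ms RTT, 1 Gbit/s link, 64 MiB big window.
    for key, value in compare(1 << 30, 0.1, 1e9, 64 << 20).items():
        print(f"{key}: {value:,.1f}")
```

With the default window the channel tops out near 168 Mbit/s on that link and the 1 GiB file takes about 51 seconds; a window larger than the 12.5 MB bandwidth-delay product lets the transfer run at link speed, under 9 seconds. On a LAN with sub-millisecond RTT the same default window is never the limit, which is why the slowdown only shows up over distance.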
We hope that the above has helped you understand the future of SFTP. If you have any questions about SFTP servers, please contact our team and we’d be happy to discuss them.