Researchers at IBM and a Swiss university have developed encryptionrevious security flaws. technology to make information sent over the Internet safe from even the most skilled hackers.
The method addresses the potential flaws - discovered earlier this summer - in the SSL (secure sockets layer) encryption system, used by many Web sites to protect information travelling over the Internet.
IBM said it is aware that, although the loophole is small, it needs to stay one step ahead of hackers to eliminate consumer fears over the security of online transactions and therefore securing the future of Ecommerce.
Called the Cramer-Shoup cryptosystem, the new technology was developed by top mathematicians at IBM's Zurich Research Laboratory and the Swiss Federal Institute of Technology.
The inventors claim that the technology effectively closes the back door on so-called active attacks and is unbreakable even to even the most aggressive of computer hackers.
Current cryptosystems are based on extremely advanced mathematical problems that are thought to be insoluble and therefore impossible to crack. But hackers use active attacks that bypass the underlying mathematical problem by sending a series of cleverly constructed messages to a publicly accessible server. A skilled hacker could then decode encrypted messages that pass through the network by analysing the server's pattern of responses to the bogus text.
The Cramer-Shoup method blocks these attacks by adding another series of calculations, which ensure that the server leaks no information when responding to the hacker's text.
"Businesses and consumers can have greater confidence in Internet transactions, because we've effectively closed down the only way around a cryptosystem's main line of defence," said Jeff Jaffe, general manager for IBM's security products and services. "This system delivers a new level of integrity for Internet communications, and is particularly suited for Ecommerce applications such as cyber-auctions, credit card purchases and protecting private information."
IBM plans to incorporate the new systems into a future version of its Vault Registry software, its public key infrastructure product, which allows Ecommerce transactions to travel across organisational boundaries in a private secure manner.
- More Internet news, p20.
HP and Centrica are the first industry partners to sign up to the government's new Code
New ice grows faster but is also more vulnerable to weather and wind
With a crackdown on cheats is coming in November, PUBG rushes to fix matchmaking problems introduced in Update #22
New material uses carbon dioxide from the air to repair and reinforce itself