Researchers at IBM and a Swiss university have developed encryptionrevious security flaws. technology to make information sent over the Internet safe from even the most skilled hackers.
The method addresses the potential flaws - discovered earlier this summer - in the SSL (secure sockets layer) encryption system, used by many Web sites to protect information travelling over the Internet.
IBM said it is aware that, although the loophole is small, it needs to stay one step ahead of hackers to eliminate consumer fears over the security of online transactions and therefore securing the future of Ecommerce.
Called the Cramer-Shoup cryptosystem, the new technology was developed by top mathematicians at IBM's Zurich Research Laboratory and the Swiss Federal Institute of Technology.
The inventors claim that the technology effectively closes the back door on so-called active attacks and is unbreakable even to even the most aggressive of computer hackers.
Current cryptosystems are based on extremely advanced mathematical problems that are thought to be insoluble and therefore impossible to crack. But hackers use active attacks that bypass the underlying mathematical problem by sending a series of cleverly constructed messages to a publicly accessible server. A skilled hacker could then decode encrypted messages that pass through the network by analysing the server's pattern of responses to the bogus text.
The Cramer-Shoup method blocks these attacks by adding another series of calculations, which ensure that the server leaks no information when responding to the hacker's text.
"Businesses and consumers can have greater confidence in Internet transactions, because we've effectively closed down the only way around a cryptosystem's main line of defence," said Jeff Jaffe, general manager for IBM's security products and services. "This system delivers a new level of integrity for Internet communications, and is particularly suited for Ecommerce applications such as cyber-auctions, credit card purchases and protecting private information."
IBM plans to incorporate the new systems into a future version of its Vault Registry software, its public key infrastructure product, which allows Ecommerce transactions to travel across organisational boundaries in a private secure manner.
- More Internet news, p20.
Connexin drops out of Ofcom auction due to start next week
SwiftKey users now send two billion emoji every week
Recruitment plans are 'most ambitious ever', claims Openreach HR director Kevin Brady
Samsung's under-the-hood improvements separate the S9 from the pack when it comes to the display