Researchers at IBM and a Swiss university have developed new encryption technology to make information sent over the Internet safe from even the most skilled computer hackers.
The new method addresses the potential flaws - discovered earlier this summer - in the SSL (secure sockets layer) encryption system, used by many Web sites to protect information travelling over the Internet.
IBM says it is aware that, although the loophole is small, it needs to stay one step ahead of hackers to eliminate consumer fears over the security of online transactions and therefore securing the future of ecommerce.
Called the Cramer-Shoup cryptosystem, the new technology was developed by top mathematicians at IBM?s Zurich Research Laboratory and the Swiss Federal Institute of Technology.
The inventors said that this effectively closes the back door on so-called ?active? attacks and is unbreakable even to even the most aggressive of computer hackers.
Current cryptosystems are based on extremely advanced mathematical problems that are thought to be insoluble and therefore impossible to crack. But hackers use ?active? attacks that bypass the underlying mathematical problem by sending a series of cleverly constructed messages to a publicly accessible server. A skilled hacker could then decode encrypted messages that pass through the network by analysing the server?s pattern of responses to the bogus text.
The Cramer-Shoup method blocks these attacks by adding another series of calculations, which ensure that the server leaks no information when responding to the bogus text.
IBM hopes that, by adding this extra security layer, it will further allay any fears consumers may have over the security of online transactions - a major obstacle to the growth of ecommerce.
?Businesses and consumers can have greater confidence in Internet transactions, because we?ve effectively closed down the only way around a cryptosystem?s main line of defence,? said Jeff Jaffe, general manager for IBM?s security products and services. ?This system delivers a new level of integrity for Internet communications, and is particularly suited for ecommerce applications such as cyber-auctions, credit card purchases and protecting private information.?
IBM plans to incorporate the new systems into a future version of its Vault Registry software, its public key infrastructure product, which allows ecommerce transactions to travel across organisational boundaries in a private secure manner.
Double legal trouble for Musk as he also faces civil lawsuit over renewed British pot-holer 'paedo' claims
Battery development could help boost performance of smartphones
Topological photonic chips promise a more robust option for scalable quantum computers
In quantum physics both the chicken and the egg can come first, claim University of Queensland researchers
Cause-and-effect is not always straightforward in quantum physics