CloudFlare has rolled out a "Keyless Secure Sockets Layer" (SSL) technology it claims will let customers encrypt web data without having to hand over their private SSL keys.
Co-founder and CEO Matthew Prince announced the service in a blog post, claiming the technology is the end result of a two-year project designed to protect firms from cyber attacks and state surveillance.
The technology is a development on basic SSL, the technology used for establishing an encrypted link between a server and a client.
Keyless SSL reportedly works by removing the need for a company to share its private key – the item that establishes its identity and decrypts data at the end of the secure connection – with CloudFlare.
CloudFlare security engineering lead Nick Sullivan explained: "The private key is only used once in each handshake [connection]. This allows us to split the Transport Layer Security (TLS) handshake geographically, with most of the handshake happening at CloudFlare's edge while moving the private key operations to a remote key server.
"This key server can be put on the customer's infrastructure, giving them exclusive access to the private key."
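The split Sullivan describes can be sketched as follows. This is an added illustration, not CloudFlare's code or protocol: the `KeyServer` and `Edge` classes are hypothetical, the key server is an in-process object standing in for a remote service, and the key is a constructed toy RSA key used without padding.

```python
import hashlib
import os

# Constructed toy RSA key built from two Mersenne primes. Textbook RSA without
# padding, used only to make the split visible; not a real TLS key or scheme.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q

def transcript_digest(client_random, server_random, server_params):
    """Hash of the handshake values the server must prove it vouches for."""
    return hashlib.sha256(client_random + server_random + server_params).digest()

class KeyServer:
    """Hypothetical key server on the customer's infrastructure.
    It is the only component that ever holds the private exponent."""
    def __init__(self):
        self._d = pow(E, -1, (P - 1) * (Q - 1))
        self.operations = 0

    def sign(self, digest):
        self.operations += 1
        return pow(int.from_bytes(digest, "big"), self._d, N)

class Edge:
    """Hypothetical edge node: runs the handshake but knows only (N, E)."""
    def __init__(self, key_server):
        self.key_server = key_server

    def handshake(self, client_random):
        server_random = os.urandom(32)
        server_params = os.urandom(32)  # stand-in for key-exchange parameters
        digest = transcript_digest(client_random, server_random, server_params)
        # The single private-key operation is delegated; only a digest leaves the edge.
        signature = self.key_server.sign(digest)
        return server_random, server_params, signature

def client_verifies(client_random, server_random, server_params, signature):
    """Client side: check the signature with the public key from the certificate."""
    digest = transcript_digest(client_random, server_random, server_params)
    return pow(signature, E, N) == int.from_bytes(digest, "big")

if __name__ == "__main__":
    key_server = KeyServer()
    edge = Edge(key_server)
    client_random = b"\x01" * 32  # constructed sample value
    reply = edge.handshake(client_random)
    print("client accepts:", client_verifies(client_random, *reply))
    print("private-key operations:", key_server.operations)
```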
Prince said the CloudFlare technology will fix ongoing flaws in standard SSL technology that leave firms' and customers' data vulnerable.
"If you have a private SSL key, you can authenticate as if you were it. You can spoof identity and intercept traffic. If, say, a media organisation loses an SSL key, it's a very bad day. If a financial institution loses one, it's a nightmare," he said.
"In addition to the public embarrassment and loss of trust, in the United States, bankers we met with told us, if an SSL key is lost it's a critical security event that must be reported to the Federal Reserve."
Attacks using bogus SSL certificates are an ongoing problem facing firms of all sizes. In July Microsoft warned web users to be extra vigilant following the discovery of a series of bogus SSL certificates that could theoretically be leveraged by hackers to mount cyber attacks.
In April a major SSL bug codenamed Heartbleed, known to be leaving millions of web servers across the world open to attack, was uncovered.