About Thawte

News

Encryption discovery could lead to advancements in cybersecurity

Two MIT researchers have recently discovered how to secure widely used encryption schemes against attackers who have intercepted examples of successful decryption, marking a major advancement in computer security.

An MITnews profile highlighted the recent development that was unveiled at the International Conference on the Theory and Applications of Cryptographic Techniques, where postdoctoral candidates Huijia Lin and Stefano Tessaro described a new technique for protecting against chosen ciphertext attacks (CCAs). A CCA is a method in which codebreakers gather information primarily via an algorithm-encoded text (ciphertext), where it is then able to obtain its decryption under an unknown key.

According to MITnews, standard public-key encryption is secure as long as an attacker knows nothing other than the public key. Most financial transactions use public key encryption, which utilizes a key each assigned to the sender and the recipient. Assuming that an attacker only knows its public key, information remains secure. In reality, attackers obtaining sophisticated CCA decryption schemes do exist, making it difficult for public-key security to perform its function.

What Lin and Tessaro discovered is that by combining a weakly encrypted ciphertext with a strongly encrypted one, the result is a strongly encrypted hybrid key that eliminates all known vulnerabilities.

"In real life, maybe it seems more plausible that people would just get a couple of examples of ciphertexts and messages, but as cryptographers, we always want to prevent the worst possible scenario," said Lin. "By considering the strongest attack, we automatically become immune to all possible scenarios."

The postdoctoral candidates' findings could be of practical use in the development of more-secure encryption protocols, but it could also provide theoretical insight into the very nature of cryptographic security and potentially lead the way toward future developments.

Stay safe when accessing information. Protect your sensitive data with an SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +27 21 819 2200
Fax: +27 21 819 2950

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates, SGC SuperCerts and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?