Sensitive information is routinely transmitted over networks of computers exploiting public media, such as the INTERNET. For example, transmission of credit card numbers is commonplace for carrying out electronic commerce (e-commerce) transactions. A major concern relating to this kind of application is preventing someone (such as a hacker) from intercepting the sensitive information during transmission.
Typically, the sensitive information is encrypted to ensure a certain level of transmission security. For example, the network employs a protocol known as Secure Sockets Layer (SSL), which is based on a private and public key encryption scheme. In this way, a potential hacker sniffing a communication over the INTERNET will still need to decipher any intercepted block of data, in order to acquire the sensitive information being transmitted.
However, this solution is not completely satisfactory. In particular, the techniques known in the art do not ensure protection from attacks against a server computer of the network to which the sensitive information has been transmitted: a hacker may break into the server computer and acquire the sensitive information stored therein.
Moreover, although the encryption schemes commonly used provide a notable level of security, their effectiveness is inherently limited to the extent that the encryption key may be fraudulently acquired, or the encryption scheme may be derived by analysing the intercepted blocks of data.
Finally, none of the solutions known in the art provides satisfactory protection against attacks intended to overload the server computer with fake incoming traffic.
It is an object of the present invention to overcome the above-mentioned drawbacks. In order to achieve this object, a method as set out in the first claim is proposed.