| 摘要 |
Described is a communications system in which messages may be processed using public key cryptography with a private key (SKu) unique to one or more users (150). The system comprises a server means (130) adapted for data communication with a client (110) via a network (100), the server means (130) comprising first data storage means in which is stored in a secure manner a private key for the or each user, the private key being encrypted with a key encrypting key. The server means further comprises second data storage means in which is stored applet code executable on the client. The server provides the applet code to the client via the network in response to connection of the client to the server via the network. The applet code comprises secure processing means operable, when executed in the client, to receive a message to be processed from the user, to retrieve the encrypted private key for the user from the server means via the network, to receive the key encrypting key from the user, to decrypt the private key using the key encrypting key, and to perform the public key processing for the message using the decrypted private key. The applet code and the associated keys are removed from the client on termination of the applet code. |
