摘要 |
The invention relates to an ID token (106) having a memory (118), wherein attribute values of a user (102) are stored in a first memory area (124), and hash values of the attribute values, which have been determined using a first hash algorithm, are stored in a second memory area (126), wherein means are provided in order to assign the hash values to the respective attribute values, having an interface (112) for receiving an attribute requirement (152) having an attribute specification, which specifies a plurality of attributes, and a signature request which contains the attribute specification, and for transmitting the attribute values corresponding to the attributes and an electronic signature for the attribute values, and having a processor (130), wherein the processor (130) is configured for generating a combination of the hash values of the attribute values corresponding to the attribute specification, wherein the processor is configured for generating a total hash value from the combination of the hash values by execution of a second hash algorithm after reception of the signature request, and wherein the processor is configured for generating the electronic signature from the total hash value. A system (100) for generating a signature has such an ID token (106) and a terminal computer system (104) which has an interface (110) to form a connection to the ID token (106). The invention further relates to a method for generating an electronic signature of a user (102) for an electronic document, with such an ID token (106). |