| 摘要 |
The invention relates to a method 20 for signing data. According to the invention, a first device 12 accesses an encrypted first part denoted sm relating to a private key. A second device 16 accesses a second part denoted ss relating to the private key. The first and the second part relating to the private key are generated to satisfy a predetermined mathematical formula. The method comprises the following steps. The first device generates a symmetric key by using data entered by a first device user. The entered data is used as diversification data. The first device decrypts the encrypted first part relating to the private key by using the symmetric key. The first device carries out a first part of a data signature by using data to be signed and the first part relating to the private key, a first result being a part- signature. The first device sends to the second device the part-signature 210. The second device carries out a second part of the data signature by using the part- signature and the second part relating to the private key, a second result being a complete signature. And the second device sends to the first device or a third device the complete signature 222. The invention also relates to corresponding first device and system. |
