Abstract

A process for the generation of an advanced electronic signature of an electronic document (4) using a signature creation unit (1) comprises the generation of unambiguous user identification data (BI) of a signer; the generation of a one-time used session key (SK); the encryption (BI_crypt) of the user identification data (BI) with the session key (SK); the asymmetric encryption (SK_crypt) of the session key (SK) with a public key (OSK) of a signature server (2); the linking of the electronic document (4), of the encrypted (BI_crypt) user identification data (BI) and of the encrypted (SK_crypt) session key (SK) into a data stream and the formation of an original hash value (OH) from the data stream using a hash algorithm; the generation of a one-time certificate key pair (PCZ, OCZ); the generation of a digital client signature (DCS) by encrypting the original hash value (OH) with the private key (PCZ) of the one-time certificate key pair; the generation of a digital seal (6, 6′) containing the encrypted (BI_crypt) user identification data (BI), the encrypted (SK_crypt) session key (SK), the digital client signature (DCS) and the public key (OCZ); the embedding of the digital seal (6, 6′) in the electronic document (4).
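
The steps of the abstract written out as an added Node.js example (not code from the patent or its authors), including the verifier and signature-server sides that the seal implies. AES-256-GCM, RSA-OAEP, RSA-2048 and SHA-256 are assumptions, since the abstract names no algorithms; the function names and the sample signer ID are constructed.

```javascript
// Added illustration, not the patent's implementation. Algorithm choices
// (AES-256-GCM, RSA-OAEP, RSA-2048, SHA-256) and all function names are assumptions.
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
// Data stream that is hashed: document, then BI_crypt, then SK_crypt.
const dataStream = (doc, seal) => Buffer.concat([doc, seal.biCrypt, seal.skCrypt]);

// Signature creation unit: returns the digital seal for `doc`.
function createSeal(doc, bi, osk) {
  const sk = crypto.randomBytes(32);                        // one-time session key SK
  const iv = crypto.randomBytes(12);
  const enc = crypto.createCipheriv('aes-256-gcm', sk, iv);
  const body = Buffer.concat([enc.update(bi, 'utf8'), enc.final()]);
  const seal = {
    biCrypt: Buffer.concat([iv, body, enc.getAuthTag()]),   // BI encrypted with SK
    skCrypt: crypto.publicEncrypt({ key: osk, ...OAEP }, sk), // SK encrypted with OSK
  };
  const { privateKey: pcz, publicKey: ocz } = newKeyPair(); // one-time pair (PCZ, OCZ)
  // crypto.sign computes the hash OH over the stream and signs it with PCZ.
  seal.dcs = crypto.sign('sha256', dataStream(doc, seal), pcz);
  seal.ocz = ocz.export({ type: 'spki', format: 'der' });
  return seal;                                              // PCZ is not kept after signing
}

// Any verifier: OCZ is taken from the seal itself, so a true result shows only
// that document and seal are consistent with each other, not who signed.
function verifySeal(doc, seal) {
  const ocz = crypto.createPublicKey({ key: seal.ocz, format: 'der', type: 'spki' });
  return crypto.verify('sha256', dataStream(doc, seal), ocz, seal.dcs);
}

// Signature server only: recover SK with its private key, then decrypt BI.
function recoverSigner(seal, serverPrivateKey) {
  const sk = crypto.privateDecrypt({ key: serverPrivateKey, ...OAEP }, seal.skCrypt);
  const dec = crypto.createDecipheriv('aes-256-gcm', sk, seal.biCrypt.subarray(0, 12));
  dec.setAuthTag(seal.biCrypt.subarray(-16));
  const bi = Buffer.concat([dec.update(seal.biCrypt.subarray(12, -16)), dec.final()]);
  return bi.toString('utf8');
}

// Constructed sample run.
const server = newKeyPair();
const doc = Buffer.from('constructed sample document');
const seal = createSeal(doc, 'signer-0001', server.publicKey);
console.log(verifySeal(doc, seal), recoverSigner(seal, server.privateKey));
```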