DATA CERTIFICATION METHOD AND APPARATUS

摘要

An apparatus and method for signing electronic data with a digital signature in which a central server comprises a signature server (110) and a authentication server (120). The signature server (110) securely stores the private cryptographic keys of a number of users (102). The user (102) contacts the central server using a workstation (101) through a secure tunnel which is set up for the purpose. The user (102) supplies a password or other token (190), based on information previously supplied to the user by the authentication server (120) through a separate authentication channel. The authentication server provides the signature server with a derived version of the same information through a permanent secure tunnel between the servers, which is compared with the one supplied by the user (102). If they match, data received from the user (102) is signed with the user's private key.