摘要 |
<p>A method of signing digital data. In the method, the data to be signed are subjected to a message digest function to produce a digest of the data to be signed. The message digest is transmitted to a small, mobile transaction device which contains a secret key and a user's PIN code. It is then determined whether a user's PIN code is correct and, if it is, the digest is hashed as a function of said secret key. And the transformed message digest is returned to a service provider. The original data are digested and hashed at the service provider using the same message digest function and secret key. It is finally determined whether the hashed message digest at the service provider matches the hashed message digest received from the transaction device.</p> |