-
Publication (announcement) number: EP0725512A3
Publication (announcement) date: 1998-07-15
Application number: EP96300340
Application date: 1996-01-17
Applicant: IBM
CPC classification number: H04L9/0822
Abstract: A data communications system is described in which messages are processed using public key cryptography with a private key unique to one or more users (150) under the control of a portable security device (120), such as a smart card, held by each user, the system comprising: a server (130) for performing public key processing using the private key. The server (130) stores, or has access to, the private key for the, or each, user in encrypted form only. The private key is encrypted with a key encrypting key and each security device (120) comprises means for storing or generating the key encrypting key and providing the key encrypting key to the server (130). The server comprises secure means (360) to retrieve the encrypted private key for the user, decrypt the private key using the key encrypting key, perform the public key processing using the decrypted private key, and delete the decrypted private key after use.
-
Publication (announcement) number: DE69629857D1
Publication (announcement) date: 2003-10-16
Application number: DE69629857
Application date: 1996-01-17
Applicant: IBM
Inventor: DOLAN GEORGE MEREDITH , HOLLOWAY CHRISTOPHER JAMES , MATYAS JR
Abstract: A data communications system is described in which messages are processed using public key cryptography with a private key unique to one or more users (150) under the control of a portable security device (120), such as a smart card, held by each user, the system comprising: a server (130) for performing public key processing using the private key. The server (130) stores, or has access to, the private key for the, or each, user in encrypted form only. The private key is encrypted with a key encrypting key and each security device (120) comprises means for storing or generating the key encrypting key and providing the key encrypting key to the server (130). The server comprises secure means (360) to retrieve the encrypted private key for the user, decrypt the private key using the key encrypting key, perform the public key processing using the decrypted private key, and delete the decrypted private key after use.
-
Publication (announcement) number: DE69629857T2
Publication (announcement) date: 2004-07-08
Application number: DE69629857
Application date: 1996-01-17
Applicant: IBM
Inventor: DOLAN GEORGE MEREDITH , HOLLOWAY CHRISTOPHER JAMES , MATYAS JR
Abstract: A data communications system is described in which messages are processed using public key cryptography with a private key unique to one or more users (150) under the control of a portable security device (120), such as a smart card, held by each user, the system comprising: a server (130) for performing public key processing using the private key. The server (130) stores, or has access to, the private key for the, or each, user in encrypted form only. The private key is encrypted with a key encrypting key and each security device (120) comprises means for storing or generating the key encrypting key and providing the key encrypting key to the server (130). The server comprises secure means (360) to retrieve the encrypted private key for the user, decrypt the private key using the key encrypting key, perform the public key processing using the decrypted private key, and delete the decrypted private key after use.