The development of telecommunications via the long-distance exchange of electronic files (electronic trade, electronic mail, authentication in electronic format, etc.) has led to the arrival of cryptographic processing techniques that aim to protect the messages transmitted on electronic communication networks against any attempted fraud to which said messages may be subject.
Amongst the operations for the cryptographic processing of a message, it is possible to cite the encrypting of the entire message. However, this technique remains extremely cumbersome and is often superfluous, at least in situations where the recipient of the message merely wishes to ascertain the identity of the sender and the completeness of the message he receives in uncoded form. Thus, in order to meet these requirements, the concept of the electronic signature has been developed.
The electronic signature is based on the following principles:
The writer of a message who wishes to authenticate its origin, that is, to sign it, has available a secret number called a private key Kpr intended for writing an electronic signature for said message. Another key, known as a public key Kpu, is available to any recipient of a message originating from the same sender so as to be able to check the electronic signature of the received message. Said public key is generally associated with the name of the sender and other data, such as the period of validity of the key, in a protected structure called a certificate. The protection of the certificate rests on the fact that all the data is itself signed by a “reliable third party” with his private key Kprtc, the corresponding public key Kputc being accessible to all.
The writing of the signature is made in two stages. First of all, the message is reduced, or “hashed,” by means of a one-way reduction algorithm, such as those known under the names of SHA1 or MD5. Then the reduced message is encrypted by a public key algorithm, for example RSA or ECC, with the aid of the private key of the signer. The result of this encrypting constitutes the signature.
The uncoded message, the signature and possibly the certificate containing the public key Kpu are sent to the recipient via the communication network.
The recipient must then check that the signature received fully corresponds to the message and its author. In order to do this, he reduces the message using the one-way reduction algorithm selected by the signer and decrypts the signature by using the public key Kpu of the signer. The signature is recognised as valid if the result of the reduction of the message equals the result of the decrypting of the signature. The same method can be used to check the data contained in the certificate with the aid of the public key Kputc of the reliable third party who issued it.
It is interesting to note that the electronic signature depends on the contents of the message and the private key of the signer whereas the handwritten signature identifies the author but is independent of the message.
So as to give a legal value to the electronic signature, it is necessary to prove certain facts including:
- The signer must have a private key held by nobody else;
- The signer needs to be sure of the message he signs;
- The recipient needs to be sure that checking of the signature is properly carried out on the received message;
- The recipient needs to be certain of the result of checking.
If one of the above conditions is not verified, the signer and/or the recipient can dispute validity of the signature.
Now, most of the cryptographic processing operations of a message, especially the writing of an electronic signature and its checking, are carried out in office computer environments. However, these computers are open systems on which there is no control of security, as the user is free to install any software he chooses. Similarly, for computers connected to communication networks, a large number of “viruses” or undesirable programmes can be introduced without the knowledge of the user.
Thus, it is necessary to consider the environment of the computer as being “uncertain”.
The simplest arrangement for calculating an electronic signature, for example, could consist of using the computer as a device for storing the message and the keys and as a device for writing the signature. This solution is clearly unacceptable, as the keys stored in the computer can be read by a hacker via the communication network and the same hacker could remotely use the computer to calculate a signature on a message the owner of the computer does not wish to sign.
It is therefore desirable to have available a protected cryptographic processing device which, in the example of writing a signature, would be used to store the private key of the signer and to calculate the signature, the message remaining stored in the storage element constituted, for example, by the computer.
As a protected cryptographic processing device, it is possible to use a microprocessor card, also called a microchip card. Regarding the signature of a message, the microchip card offers the following services:
- Storing the private key of the signer
- Calculation of reduction of the message
- Encrypting of the reduced message.
A typical example of the architecture for installing this application basically includes a computer to which the microchip card is connected by means of a box. From the computer's point of view, the operations occur as follows:
- Storage of the message in a storage element of the computer;
- Editing the message on the computer;
- Calculation of the reduced message on the microchip card;
- Encrypting of the reduced message by the card after checking the confidential code introduced by the signer by means of the box;
- Sending of the message and signature by the card to the computer for communication to the network.
With this system, the signer is sure that nobody other than he can use his private key for signing. This solution is currently used and is sufficient for calculating a signature whose scope carries no legal value but which serves to protect a closed set of computers, such as the internal networks of large companies.
However, it shall be observed that the cryptographic processing system described above does have a certain number of drawbacks:
- The signer is not certain of the message he signs since he is not guaranteed that a virus in the computer has not modified the message before the reduction operation;
- The recipient is not certain that checking has been properly carried out concerning the message received since there is no guarantee that a virus in the computer has not made the message appear correctly on the screen when the signed message is not the one displayed;
- The recipient is not certain of the result of checking since there is no guarantee that a virus in the computer does not reveal any signature as verified when the latter is false.
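The two-stage signature and the first drawback listed above, modelled as an added example that is not part of the original text: a toy card signs whatever bytes the computer forwards, so a valid signature binds only to the bytes the card received, not to what the signer saw. SHA-256 stands in for the SHA1/MD5 named above, and the key, the Card class, the confidential code and the sample message are constructed assumptions.

```python
import hashlib
import hmac

# Toy key built from two Mersenne primes (constructed for illustration only;
# textbook RSA without padding must never be used for real signatures).
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                      # public key Kpu = (N, E)

def reduce_message(message: bytes) -> int:
    """One-way reduction ("hash") of the message, as an integer below N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

class Card:
    """Hypothetical model of the microchip card: keeps Kpr, checks the code, signs."""
    def __init__(self, code: str):
        self._code = code
        self._d = pow(E, -1, (P - 1) * (Q - 1))   # private key Kpr stays in the card

    def sign(self, message: bytes, code: str) -> int:
        if not hmac.compare_digest(code, self._code):
            raise PermissionError("wrong confidential code")
        # The card can only hash and encrypt the bytes the computer hands it.
        return pow(reduce_message(message), self._d, N)

def verify(message: bytes, signature: int) -> bool:
    """Recipient's check: reduction of the message == signature decrypted with Kpu."""
    return pow(signature, E, N) == reduce_message(message)

def sign_via_computer(card, displayed: bytes, code: str, alter=None):
    """The computer forwards the message to the card; `alter` models software
    on the open computer changing the bytes between the screen and the card."""
    sent = alter(displayed) if alter else displayed
    return sent, card.sign(sent, code)

if __name__ == "__main__":
    card = Card("1234")
    shown = b"Pay 10 EUR to Alice"        # constructed sample message
    sent, sig = sign_via_computer(card, shown, "1234",
                                  alter=lambda m: m.replace(b"10", b"9000"))
    print("signature valid for bytes the card received:", verify(sent, sig))
    print("signature valid for message the signer saw: ", verify(shown, sig))
```

The confidential code protects use of the private key, but nothing in this arrangement ties the displayed message to the bytes that are reduced and signed.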