The connectivity of electronic devices plays an important role in modern society. For example, with the advent of so-called cloud services many computational resources which are needed to support, among other, financial transactions, are implemented on a server which is physically inaccessible to users. Furthermore, trends like Bring-Your-Own-Device and Connect-Anywhere-Anytime are clearly visible. Bring-Your-Own-Device refers to the trend that employees are permitted by their employers to bring their own mobile devices to the workplace, and to use those devices to access security-relevant data and applications. Connect-Anywhere-Anytime refers to the trend that users wish to connect their mobile devices at any geographical location and at any moment in time to online services, for example. More and more companies allow the use of private (user-owned) devices for company work and those devices are typically “always connected”, whether in the office, at home or on the road. In other words, such private devices typically have a permanent connection, or at least a semi-permanent connection, to a centralized server in the cloud.
In this context, security plays an increasingly important role. More specifically, it is of paramount importance that the data exchange between user-owned devices, such as personal computers, and centralized servers is secure. In other words, the data exchange should be carried out through authenticated and secure communication channels between user-owned devices and centralized servers. In order to achieve this, user-owned devices should among others be able to store cryptographic keys and to perform cryptographic operations. Known solutions are for example smart cards that are used to authenticate users on (company) laptops. Other devices, which are known as security dongles or authentication dongles, offer a similar functionality. However, such devices typically only perform an authentication step. In other words, they usually cannot assist in securing data that is stored on a user-owned device or that is sent over a network to a server. Furthermore, user-owned devices may be infected by malicious software such as a virus, which increases the risk that cryptographic keys stored in these devices are stolen.
Thus, the level of security and the case-of-use which can be achieved by such known devices are still relatively low. Therefore, there still exists a need to securely exchange data, in a user-friendly manner, between user-owned devices and centralized servers of the kind set forth. Similar problems may occur when data are exchanged between user-owned devices and other remote devices, for example peer devices. Thus, in a broader sense, there still exists a need to securely exchange data, in a user-friendly manner, between user-owned devices and remote devices.