The key device, or security token device, is a small hardware device with a processor and memory. It uses the dual-factor authentication method, is simple to use, and is lower in cost. With a built-in single-chip microcomputer or smart card chip, the key device can store the user's key or digital certificate, and it uses the encryption algorithm inside the key device to authenticate the user's ID. Its functions include email encryption, digital signature, security certificates, secure network logon, and access to SSL (Secure Sockets Layer) networks. Its advantage is that the private key never leaves the hardware device, which is physically resistant to attack, thereby providing higher security.
The key device generally authenticates a user's ID by encryption or digital signature based on the public key system. The above-mentioned signature ensures the confidentiality and non-repudiation of the information. Authentication by digital signature works as follows: first, a plaintext is signed with the user's private key to produce a digital signature, which is then sent to the party responsible for the authentication; second, that party decrypts the digital signature with the public key of the authenticated user and compares the result with the original plaintext to finish the authentication. The data of the digital signature is limited in size, so the authenticated user needs to perform a HASH operation on the plaintext to be signed and then send the HASH value to the key device for signing. A HASH algorithm, also known as a one-way hash algorithm, is an algorithm for which the original information cannot be recovered by a reverse operation even when the operation result and the algorithm are known. The hash algorithm generates an output of constant size from input information of different sizes (also known as the "seed").
The above-mentioned process cannot ensure the security of the data to be signed or encrypted, because the computer itself also has security problems. For example, when a computer is infected by a Trojan, the data to be encrypted or signed will be changed by the low-level Trojan and then sent to the key device for digital signature or encryption. The user therefore cannot judge whether the data being encrypted or signed in the key device is genuine, which seriously affects the security of the key device, makes the key device worthless, and causes the user unnecessary loss.
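The hash-then-sign flow and the gap just described, modelled as an added example that is not part of the original text. The `KeyDevice` class, the function names, the toy key (textbook RSA without padding over two Mersenne primes) and the sample plaintexts are all constructed assumptions for illustration.

```python
import hashlib

# Constructed toy key: textbook RSA without padding, for illustration only.
P, Q = 2**521 - 1, 2**607 - 1          # two Mersenne primes
N, E = P * Q, 65537                    # public key known to the verifier


class KeyDevice:
    """Hypothetical token: holds the private exponent and signs any hash it is handed."""

    def __init__(self):
        self._d = pow(E, -1, (P - 1) * (Q - 1))   # private key stays inside the device

    def sign_hash(self, digest: bytes) -> int:
        # The device sees only a fixed-size hash, never the plaintext behind it.
        return pow(int.from_bytes(digest, "big"), self._d, N)


def host_sign(device: KeyDevice, data_sent: bytes) -> int:
    """Host side: hash the plaintext and pass only the hash to the device."""
    return device.sign_hash(hashlib.sha256(data_sent).digest())


def verify(data: bytes, signature: int) -> bool:
    """Verifier: recover the hash with the public key and compare with the data's hash."""
    expected = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return pow(signature, E, N) == expected


def demo() -> dict:
    device = KeyDevice()
    approved = b"pay 100 to account A"   # constructed: what the user saw on the computer
    altered = b"pay 900 to account B"    # constructed: what a compromised host forwards
    sig_clean = host_sign(device, approved)
    sig_altered = host_sign(device, altered)
    return {
        # Normal case: the signature verifies over the approved plaintext.
        "clean_verifies": verify(approved, sig_clean),
        # The gap: the device signs the altered data just as readily, and the
        # result is a fully valid signature over data the user never approved.
        "altered_verifies": verify(altered, sig_altered),
        # The altered signature does not cover what the user actually approved.
        "altered_sig_covers_approved": verify(approved, sig_altered),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Because the device receives nothing but the hash, neither it nor the verifier can tell the two cases apart; only a check of the plaintext on the device itself can.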
Display technology has developed greatly. People are no longer confined to displays of large size and high power consumption; it is easy to obtain a display component that is smaller, consumes less power, performs better, and is easy to develop with. Such a component can be used in a key device. Liquid crystal displays, OLED, and LED are all good choices, especially liquid crystal technology. The liquid crystal display has the advantages of low working voltage, low power consumption, large information capacity, long life span, no electromagnetic emission, and the ability to display complicated characters.