At present, file transfers and banking transactions over the Internet have become popular. But the security of transmitted information is a big concern.
To prevent malicious tamper to the data transmitted over the network, the digital signing technology has been introduced. Digital signing is an authentication technology. In recent years, digital signing for online banking transactions has been advanced to take place in a key device. The digital signing process in the key device includes the following steps: 1) a client host sends data to the key device before transferring the data to a server; and 2) a digital signing process is performed on the data within the key device. Thus, the transferred data is convinced to be “secure”.
However, there are still some problems in above digital signing process to the knowledge of the applicants. The data is transmitted to the key device from the client host before digital signing. If a hacker or a virus has intruded into the host, it is possible that the data transmitted to the key device has been intercepted and tampered on the host side. Thus, the digital signature of a user can be counterfeited. The security of the transmitted data cannot be ensured.