At present, mobile communication devices can be used to communicate with various databases, payment systems or the like. In such connections, the secure and reliable processing of data is significant, because e.g. in payment applications, the user can, for example, order and pay for products. Thus, the system must be so reliable that what the user sees, for example, on the display of the mobile communication device, really corresponds to what takes place in the system. However, it is now already possible to download programs from various data sources into mobile communication devices, wherein the user cannot be fully certain of the reliability of such programs. In some cases, such a program may modify the information visible on the display to such a format which does not correspond to the information entered in the mobile communication device and/or the information transmitted from the mobile communication device. It is thus possible that the user believes to have paid the price visible on the display for the product ordered by him/her, but the program has modified the user's payment instructions in such a way that the price has been higher or that the price paid for the product to the supplier has been correct but, in addition to the price charged for the product, for example, an extra sum has been transferred from the user's account e.g. to the account of the program provider. Another possibility of misuse in the above-presented order event is that the user believes that he/she enters the correct delivery address but the program in the mobile communication device replaces the delivery address with another address. Thus, the user will not receive the product although having paid for it. When using the mobile communication device, other situations may also occur in which the information visible on the display may be different from the information actually processed in the mobile communication device.
In mobile communication devices, portable sound reproduction devices, computers, etc., it is now possible to reproduce digital audio information. The copying of such audio information in digital format is relatively easy. In the copying, the sound quality remains substantially as good as the sound quality of the original recording. To make the copying more difficult, various copy protection methods have been developed, such as the recording of digital audio information in encrypted format. The reproduction of such a recording requires decryption. Thus, in connection with the purchase of the recording, the purchaser is given a decryption key which the user must enter in the sound reproducer before the recording can be listened to. Another possibility is that the decryption key is sent to the purchaser of the recording by mail, wherein the recording can be listened to. A problem with arrangements like this is, however, that it does not prevent the transmission of the decryption key with a copied recording.
It is known that information needed by the user or the device can be encrypted with one key, the encrypted information can be stored in the memory of the device, and it can be decrypted with another key. In asymmetric encryption, the key used in encryption is different from the key used in decryption. Correspondingly, in symmetric encryption, the key used in encryption is the same as the key used in decryption. In asymmetric encryption, these keys are normally called a public key and a personal key. The public key is intended for encryption and the personal key is intended for decryption. Although the public key may be commonly known, it can normally not be used to easily determine the personal key corresponding to the public key, wherein it is very difficult for an outsider to find out information encrypted with this public key. One example of a system based on the use of such a public key and a personal key is the PGP system (Pretty Good Privacy), in which the user encrypts the information to be transmitted with the public key of the receiver, and the receiver will then open the encrypted information with his/her own personal key. However, there are considerable drawbacks in the systems of prior art. The key strings required by sufficiently secure systems are so long that even their storage in a safe way may, depending on the storage technology used in each application, cause considerable costs. If the key string is too short, it will be relatively easy to break up with modern data processing equipment. This problem is particularly significant in portable data processing and communicating devices, in which the limited processing capacity also prevents the use of long keys.