As an increasing number of individuals own or have access to personal computers, more and more individuals are generating electronic documents. Examples of electronic documents include electronically filed tax returns, contracts for goods or services ordered online through the internet, e-mail, word processing documents, or any other type of document that has a digital form. Some electronic documents are of a type that the individuals involved in generating, sending or receiving such documents might prefer to have the documents maintained as secure and confidential for long periods of time.
Unfortunately, many personal computers have insecure configurations. With the increasing popularity of the Internet, many personal computers are vulnerable to being accessed remotely by hackers on the Internet. Further, many home personal computers are not configured with passwords and as a result anyone with physical access to the personal computer such as a friend, a child care giver, or a relative may accidently or intentionally gain access to sensitive electronic documents. Although cryptography software exists to encrypt private electronic documents, many individuals do not have the technical skill to install and configure encryption software correctly on their personal computers. Consequently, there exists a need for a system and method of protecting personal electronic documents which can be more easily used by individuals.
Electronic documents belonging to individuals are often stored on a hard drive of a personal computer. For example, consumer tax software typically generates electronic tax return documents which are stored on a hard drive. Word processors often store electronic document files in a common directory on a hard drive. E-mail received by and sent from a personal computer is also often stored on a hard drive. Unfortunately, over time personal computers may encounter software and/or hardware problems which destroy computer files stored on a hard drive. Unless the individual proactively and regularly performs backups of computer files located on the hard drive of their personal computer, important, difficult to replace, personal electronic documents may be lost due to a hardware or software problem. Even if the documents are backed-up on removable media such as a tape, portable disk or CD, the portable media itself may become corrupted, unreadable, obsolete, or lost. As a result, there exists a need for a system and method of storing important personal electronic documents which can preserve the integrity of the documents for long periods of time.
With the enactment of electronic signature laws at the state and federal levels, individuals are likely to encounter more opportunities to generate and electronically sign electronic documents. Many electronic signature systems use public key encryption methods to generate and validate electronic signatures. When signing an electronic document an individual uses a secret private key to generate a digital signature for the electronic document. Such a private key is generally associated with a public key. Another party may use the public key to authenticate the electronic document and digital signature. Such public keys are often distributed as part of a digital certificate which is digitally signed by a trusted third party certificate authority.
Although the digital certificate and public key may be publicly disclosed to the world, the private key must remain a secret to prevent forgeries. When a person wishes to digitally sign a document, the user must employ a computer program which has access to the private key. As with encryption software, many individuals do not have the technical skill to successfully install and use digital signature programs on their personal computers. Consequently there exists a need for a system and method of digitally signing electronic documents which can be easily employed by individuals.
In general, when a digital signature program belongs to a person using the program, that person may have reasonable assurance that the person's private key will be kept a secret by the program. In addition the person has reasonable assurance that the electronic document being signed corresponds to the electronic document that was read and reviewed by the person. Unfortunately, if the digital signing program belongs to an untrusted party, the individual has very little assurance that a private key inputted by the individual will remain a secret and/or that the electronic document that was read and reviewed by the individual is the actual document being digitally signed. As a result there exists a need for a system and method of protecting the confidentiality of private keys used to digitally sign electronic documents. There also exists a need to provide a system and method of digitally signing electronic documents which provides additional assurance to individuals that the process is a safe substitute for signing paper documents.