A system as claimed in claim 1 wherein the key encrypting key is a one-way function of the private key, the server comprising means to check the recovered value of the private key by deriving therefrom the key-encrypting key and comparing the derived value thereof with the value received from the security device.