The invention is a secure server, or trust engine, having server-centric keys, or in other words, storing cryptographic keys and user authentication data on a server. Users access cryptographic functionality through network access to the trust engine; however, the trust engine does not release actual cryptographic keys or other authentication data. Therefore, the system provides that the keys and data remain secure. The server-centric storage of keys and authentication data provides for user-independent security, portability, availability, and straightforwardness, along with a wide variety of implementation possibilities.