To decrypt information encrypted by a currently common technique, a method is adopted by which a key used in cryptographic algorithms is used to directly compute plaintext from ciphertext (see Non-Patent Literature 1, for example).
However, if the situation has changed after the key was passed to an authorized person and it is desirable to prevent the authorized person from performing decryption with the key, this method cannot force the prohibition of decryption of the encryption.
Thus, instead of distributing the key to authorized persons, a method is considered by which the key is held in the inside of a reliable server device and the server device provides a decryption service in response to a request from an authorized person. Such a method is referred to as a cloud-managed key cryptographic scheme. This method does not directly pass a key used in cryptographic algorithms to users, and therefore is expected to be able to stop the users from using encrypted data by stopping a decryption service.