In a conventional information processing system that writes and stores data in a storage device such as a magnetic disk, data processed by an application program executed on a computer is written to and stored in the storage device as is, in plaintext. If an unauthorized person uses the computer, or another computer accesses the storage device over a communication line such as the Internet, the data stored in the storage device may be read and rewritten without authorization, so that secrets are leaked or data is falsified. Secrets may also be leaked when the magnetic disk storing the data, such as a hard disk, is stolen or when a hard disk is disposed of. An encryption/decryption/digital signature generation/verification device that encrypts data and stores only the encrypted data in the storage device has therefore been proposed (see patent document 1, for example).
The invention in patent document 1 allows the user to perform encryption or the like without entering a password each time. However, the user performs encryption by designating the target data stored in the storage device, and performs decryption by likewise designating the target data. Because the user must designate the target data for every encryption or decryption operation, the procedure is troublesome and convenience is reduced. Moreover, after decrypting encrypted data and updating it, the user may forget to encrypt it again, leaving the updated data in plaintext.
In the invention in patent document 1, the encryption key used for encryption is itself encrypted and stored in the device in association with the encrypted file; that is, both the encryption key and the encrypted data reside on the same storage device. Consequently, if an unauthorized person steals the storage device, such as a hard disk, and deciphers the stored encryption key, secrets may be leaked or data may be falsified.
To improve convenience by allowing a predetermined set of persons to share encrypted data, those persons may be given a common encryption key (a group key). In that case, however, the user must select among different encryption keys depending on the data to be encrypted, and so must designate the encryption key each time encryption or decryption is performed, which again reduces convenience.
Moreover, the computer used by the user, rather than the key management computer that manages the encryption keys and provides them to the user, is what authenticates the user as authorized. Because the key management computer does not verify the user itself, an unauthorized person may acquire an encryption key by issuing an invalid request to the key management computer from an unauthorized computer.
Patent document 1: JP-A-9-270784 ([0026] to [0053], FIGS. 4 and 6)