In recent years, accompanying the advances in computer communication technology, it has become normal for confidential information of various levels to be sent over information communication networks. Examples of such confidential information include citizen register information and registry information that is handled by government and other public offices. In business enterprises also, various kinds of information of trade secrets are converted into electronic form to allow the information to be shared utilizing computer networks. Because of these circumstances, maintaining the confidentiality of electronic information flowing on a network is an extremely important problem.
In addition to maintaining confidentiality, confidential information loses its value as information unless it can be used when it is needed, so suitable countermeasures must also be established against hazards such as alteration of information or destruction of data caused by various kinds of attacks.
In order to achieve these objectives, encrypted communication protocols such as SSL (Secure Sockets Layer) or TLS (Transport Layer Security) have been devised and are in practical use in conventional information communication among computers comprising client-server systems.
In addition to these standard technologies, other cases in which systems have been devised and practically applied include user authentication to which a terminal control system was applied (see Patent Document 1) and, as seen in the Kerberos protocol, a mechanism that combines user authentication and an encryption key exchange function for realizing encrypted communication on a communication path (see Patent Document 2 etc.).
Further, in contrast to the Kerberos protocol in which a secret key used in encrypted communication between a client and a server is generated by an authentication server, a system also exists in which a client generates a secret key for encrypted communication after undergoing user authentication.
In another example of the prior art, the aforementioned Kerberos protocol is applied to realize a so-called single sign-on function in which once a client has received user authentication, any accesses made by the client to the same server thereafter are permitted without the client having to undergo user authentication again (Patent Document 3). In this example of the prior art, a ticket to enable access by a client to an authorization server is generated by an authentication server, and the client uses the ticket to access the authorization server. A feature of this method for generating tickets is that irreversible operations are performed a plurality of times and a difference in the operation results over the relevant number of times is utilized to determine whether or not to permit a single sign-on.

[Patent Document 1] Japanese Patent Publication No. 6-54485
[Patent Document 2] Japanese Patent Laid-Open No. 08-204696
[Patent Document 3] Japanese Patent Laid-Open No. 2000-222360
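The ticket scheme described above (an authentication server issues a ticket, the client presents it to an authorization server, and permission depends on how many irreversible operations separate the presented value from the stored one) can be illustrated with a hash chain. The following is an added example written for this page; it is not code from Patent Document 3 or from any Kerberos implementation. It assumes SHA-256 as the irreversible operation, a fixed chain length chosen by the authentication server, and a verifier that permits access only when the presented value reaches the stored anchor within an allowed number of hash steps. Class and parameter names are constructed for the illustration.

```python
import hashlib
import hmac
import secrets


def one_way(value: bytes) -> bytes:
    """One irreversible operation. SHA-256 is an assumed choice for this example."""
    return hashlib.sha256(value).digest()


def iterate(value: bytes, times: int) -> bytes:
    """Apply the irreversible operation `times` times in succession."""
    for _ in range(times):
        value = one_way(value)
    return value


class AuthenticationServer:
    """Issues a ticket once user authentication (assumed already done) succeeds.

    The ticket carries only the chain anchor H^n(seed); the seed itself goes to
    the client, so the authorization server never learns it.
    """

    def __init__(self, chain_length: int = 5):
        self.chain_length = chain_length

    def issue(self, user: str):
        seed = secrets.token_bytes(32)
        anchor = iterate(seed, self.chain_length)
        ticket = {"user": user, "anchor": anchor, "remaining": self.chain_length}
        return seed, ticket


class Client:
    """Holds the seed and reveals the chain one step at a time, from H^(n-1) down to H^0."""

    def __init__(self, user: str, seed: bytes, chain_length: int):
        self.user = user
        self.seed = seed
        self.next_index = chain_length - 1

    def present(self):
        if self.next_index < 0:
            raise RuntimeError("ticket chain exhausted; re-authentication required")
        proof = iterate(self.seed, self.next_index)
        self.next_index -= 1
        return self.user, proof


class AuthorizationServer:
    """Decides single sign-on by counting hash steps between the proof and the anchor."""

    def __init__(self):
        self.tickets = {}

    def register(self, ticket: dict) -> None:
        self.tickets[ticket["user"]] = dict(ticket)

    def permit(self, user: str, proof: bytes, max_gap: int = 1) -> bool:
        ticket = self.tickets.get(user)
        if ticket is None or ticket["remaining"] <= 0:
            return False
        value = proof
        # The "difference in operation results" is the number of one-way steps
        # needed to reach the stored anchor. Only a gap up to max_gap is accepted.
        for steps in range(1, max_gap + 1):
            value = one_way(value)
            if hmac.compare_digest(value, ticket["anchor"]):
                # Advance the anchor so the same proof cannot be replayed.
                ticket["anchor"] = proof
                ticket["remaining"] -= steps
                return True
        return False


def run_session(chain_length: int = 5):
    """Full exchange: issue, register, then present the chain until exhausted."""
    seed, ticket = AuthenticationServer(chain_length).issue("alice")
    authz = AuthorizationServer()
    authz.register(ticket)
    client = Client("alice", seed, chain_length)
    decisions = [authz.permit(*client.present()) for _ in range(chain_length)]
    replay_rejected = not authz.permit("alice", iterate(seed, chain_length - 1))
    return decisions, replay_rejected


if __name__ == "__main__":
    print(run_session())  # ([True, True, True, True, True], True)
```

Because each accepted proof becomes the new anchor, a captured proof cannot be reused, and a client that exhausts its chain must return to the authentication server; the `max_gap` parameter is where a verifier sets how large a difference in operation results it is willing to tolerate.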