According to an IC card, since the reading and writing operations of information from/into the card are executed under a control of an arithmetic operation processing unit which the IC card itself has in terms of its structure, the information can be safely managed as compared with a magnetic card or the like. Therefore, attention is paid to the use of the IC card as means for safely managing information to be made secret. In future, for example, it is expected that the use of an IC card having a function to decrypt an encrypted message and key information necessary for such a function, an IC card having a function to generate a digital signature to electronic data and key information necessary for such a function, or the like is further spread.
It is known that to find a private key by calculations from information such as public key or digital signature which can be known by everyone is very difficult in consideration of an amount of calculations and is actually impossible.
On the other hand, as a new menace to a device having a function such as encryption, decryption, signing, and the like such as an IC card or the like (referred to as a secure cryptographic device), a possibility of an attacking method such as TA (Timing Attack), DPA (Differential Power Analysis), SPA (Simple Power Analysis), or the like for presuming important information (for example, private key) existing in such a device by analyzing a processing time, a current consumption, a generated electromagnetic wave, or the like under an ordinary usage from the outside of the device without physically and directly analyzing such information has been pointed out. For example, if a private key to sign is analyzed by those attacks, an influence such that a person with malice can pretend to become a legal owner is larger, and countermeasures against it are demanded.
The IC card has been disclosed in                a literature [Handbook], Rankl Effing, “Smart Card Handbook”, John Wiley & Sons, 1997.        
The secure cryptographic device has been disclosed in                a literature [ISO13491], ISO13491-1, “Banking-Secure cryptographic devices (retail)-Part 1: Concepts, requirements and evaluation methods”, First edition, Jun. 15, 1998.        
The attacks such as TA (Timing Attack), DPA (Differential Power Analysis), SPA (Simple Power Analysis), and the like have been disclosed in                a literature [DPA], Paul Kocher, Joshua Jaffe and Benjamin Jun, “Introduction to Differential Power Analysis and Related Attacks”, 1998, and        a literature [TA], Paul Kocher, “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems”, CRYPTO'96, 1996,        besides the above literature [Handbook].        
Each of the attacking methods is based on a principle that a measurement result which is indirectly obtained and internal information have a correlation.
As a countermeasure against the Timing Attack to an IC card having a decrypting function of an RSA encryption, an idea of a countermeasure using a technique called a blind signature has been shown in the literature [TA]. It is a method whereby in order to make it difficult to collect sample data which is message when the Timing Attack is made, an encrypted sentence which is given as an input is not directly decrypted but an encrypted message to which random number information has been added is decrypted and an influence by the random numbers is finally eliminated again, thereby obtaining a decrypted message. However, such a method is inadequate in terms of a point that a process for raising data to the private key's power is still included.