1. Field of the Invention
The present invention relates to a key management system for managing a key for encryption or decryption of data.
2. Description of the Related Art
Recently, information equipment such as a personal computer has been daily used for business in an organization such as a company. For example, a file server is installed in such an organization. Therefore, clients (users) can access common folders and files set in a file server.
Data of such folders and files are saved (stored) in encrypted form by public-key cryptosystem, for example, to prevent leakage of information. Public-key cryptosystem uses a public key for encrypting plaintext (data) and a private key for decrypting the plaintext encrypted by using the public key.
Persons allowed to access data in a file server may be limited, depending on the data contents. This access right may be provided for each user, or may be provided for each authority of a user, such as a job title and post.
For example, when the access right is set for each authority of a user, a key (e.g., a public key, a private key, etc.) is managed for each user having authority given the access right. The user having the authority given the access right can use the access right by using the managed key.
A technique, which enables even a person other than an owner of key to obtain an original key by sharing a key itself in secret and collecting the necessary number of keys (part keys), has been disclosed as a key-managing method (hereinafter, mentioned as a Prior Art 1, refer to Jpn. Pat. Appln. KOKAI Publication No. 10-198272). According to the Prior Art 1, even if an owner of a key is absent, it is possible to obtain and use the key.
Another technique of managing a key has also been disclosed, in which public-key cryptosystem is not usable in an individual, but usable in a group consisting of a set of individuals, and encrypted data can be decrypted by a member belonging to a specific group (hereinafter, mentioned as a Prior Art 2, refer to Jpn. Pat. Appln. KOKAI Publication No. 11-15373). According to the Prior Art 2, it is easy to change members in a group.
A user who manages a key does not usually hold a fixed authority. A job title or post is sometimes changed in an organization. Therefore, the user's authority may be changed by organizational changes or personnel changes. When the validity of a key managed by the user expires, or a key is lost, the key must be changed (updated).
However, in the Prior Art 1, when a key is changed, it is necessary to change the part keys. In this case, each owner (user) who manages the part keys must change the part keys managed by them. When an owner of the part key is changed, it is difficult to take away the part key that is electronic data, from the owner. Therefore, it is not easy to change the authority of an owner.
In the Prior Art 2, members of a group can be easily changed by encrypting a group private key by a user's public key. There is no problem in handling data shared by two or more members. But, when data held by one user is handled, the data cannot be decrypted if the user loses a key.