The present invention relates to an information processing system, an information processing method, a recording medium, and a key determination method and apparatus and, more particularly, to an information processing apparatus having a file encrypting system in a portable personal computer capable of exchanging signals with an IC card or the like, and to an information processing method, a recording medium, and a key determination method and apparatus.
In recent years, computers have been miniaturized as technology has advanced, and portable personal computers that operators can carry to desired places and operate there are commercially available. Despite being portable, such a personal computer incorporates a large-capacity external storage device such as a hard disk and can store a variety of application programs and the files created by these programs.
Computers other than portable computers are often installed indoors. Confidential information stored in such a computer can be protected from unauthorized third parties by a method such as restricting entry to and exit from the room where the computer is installed. With the development of communication networks, it has become possible to hack into a remote host computer from a local host computer. Even in this case, direct damage to the remote host computer itself can be prevented because the remote host computer is located at a physically remote place.
Because a portable personal computer can be carried, however, the computer itself may be stolen, and the confidential information stored in it may be stolen with it. One possible method uses a password to prevent anyone other than the authentic user from using the confidential information even if the portable computer is stolen. Even if this method is used, the computer can be disassembled and the built-in hard disk removed, so that the confidential information stored on the hard disk can be accessed. It is also difficult to manufacture a personal computer that cannot be disassembled. Even if such manufacturing were possible, the resultant computer would be bulky and unsuitable for portable use. It would also pose a new problem: an increase in manufacturing cost.
In recent years, data are often shared by a plurality of users. Assume that one personal computer is shared by a plurality of users. In this case, the data on the hard disk incorporated in this personal computer are shared. Also assume that the personal computers of the respective users are connected to each other through a LAN and that a recording device connected to the LAN is shared by a plurality of users. In this case, the data in this recording device are shared.
It is, therefore, necessary not only to safely store personal data of users but also to assure safety of highly confidential data shared by the plurality of users.
When the same data is shared by a plurality of users, a pair of encrypting and decrypting keys for group use is required in addition to a pair of encrypting and decrypting keys for personal use. The same data is encrypted with the personal encrypting key of a user who shares the data or with the group encrypting key of a group that shares the data. As a result, a plurality of encrypted data having the same contents are created and stored. For this reason, the number of keys increases, and the number of types of encrypted data increases. Management of key information and encrypted data therefore becomes difficult, resulting in inconvenience.
In conventional decryption, the data contents may be destroyed when encrypted data is decrypted using a wrong key.
As described above, the introduction of portable personal computers improves convenience. However, the computer itself may be stolen because of its portability, and the confidential information stored in it may be illegally accessed by a third party. Even if access to the confidential information is limited by a password or the like, the computer itself may be disassembled, and the hard disk incorporated in it can be removed. It is therefore possible to access the confidential information stored on this hard disk.
To encrypt and store data shared by individual users or a group of users in a form that can be decrypted with each master key, a file encrypted using each master key must be stored. This poses the following problems: the data volume of files increases, the encrypting time becomes long, management of master keys and encrypted data becomes difficult, and data may be destroyed by erroneous decryption using a wrong master key.
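The two problems described above, one full ciphertext per master key and silent corruption when a wrong key is used, can be reproduced directly. The following is an added example, not code from this document; the toy SHA-256 stream cipher, the HMAC-based key check, the sample keys and file, and all function names are assumptions chosen for illustration.

```python
import hashlib, hmac, os
from typing import Optional

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode stream cipher (assumption: stands in for the
    unnamed conventional cipher; encryption and decryption are the same XOR)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def encrypt_per_key(plaintext: bytes, master_keys: dict) -> dict:
    """Conventional scheme: one complete ciphertext per master key."""
    copies = {}
    for owner, key in master_keys.items():
        nonce = os.urandom(16)
        copies[owner] = nonce + keystream_xor(key, nonce, plaintext)
    return copies

def decrypt_unchecked(key: bytes, blob: bytes) -> bytes:
    """No key check: a wrong key yields garbage of the right length, no error."""
    return keystream_xor(key, blob[:16], blob[16:])

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Same cipher plus an HMAC tag so the key can be verified before use."""
    nonce = os.urandom(16)
    body = nonce + keystream_xor(key, nonce, plaintext)
    mac_key = hashlib.sha256(b"mac" + key).digest()
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def open_checked(key: bytes, blob: bytes) -> Optional[bytes]:
    """Return the plaintext, or None (file left untouched) if the key is wrong."""
    body, tag = blob[:-32], blob[-32:]
    mac_key = hashlib.sha256(b"mac" + key).digest()
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        return None
    return keystream_xor(key, body[:16], body[16:])

# Constructed sample data: two master keys and a small "file".
KEYS = {"personal": hashlib.sha256(b"personal").digest(),
        "group": hashlib.sha256(b"group").digest()}
FILE = b"constructed sample: quarterly figures\n" * 8

if __name__ == "__main__":
    copies = encrypt_per_key(FILE, KEYS)
    print("stored bytes:", sum(map(len, copies.values())), "for", len(FILE))
    print("wrong key, unchecked:", decrypt_unchecked(KEYS["personal"], copies["group"])[:16])
    print("wrong key, checked:", open_checked(KEYS["personal"], seal(KEYS["group"], FILE)))
```

Stored volume grows linearly with the number of master keys, and only the checked path refuses a wrong key instead of returning bytes that would overwrite the file.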