1. Field of the Invention
The present invention relates to a secret information management apparatus and secret information management system for encrypting and storing data, and more particularly, it relates to a secret information management apparatus and secret information management system capable of decrypting encrypted data, for example, even when a user has lost an encryption key.
2. Description of the Related Art
Recently, secret information management apparatuses have been used to encrypt and store data to be managed as secret information. For example, in a company, secret information may be better managed by the whole company in a collective manner than by individual users. In such a case, the secret information management apparatus is used.
In the secret information management apparatus, an encryption key is used to encrypt and decrypt secret information (hereinafter also referred to as data). However, when each piece of data is encrypted with a different encryption key, the burden of managing the keys imposed on the user increases in proportion to the number of pieces of data.
From the viewpoint of reducing such burden, there has been proposed an encrypted file sharing method in which hierarchical access is permitted to the user so as to reduce the amount of key information managed by the user (e.g., refer to Jpn. Pat. Appln. KOKAI Publication No. 6-175905).
In the method of the above-mentioned document, files (data) are encrypted with the same encryption key for each directory in a server (secret information management apparatus) accessed by a plurality of persons. At this point, a hierarchical structure representing the access permission of the files coincides with a hierarchical structure of the directories, and the encryption keys of all the directories under a directory IDn are encrypted with the encryption key of the directory IDn and stored in the directory IDn. The user is only required to have the encryption key of a single directory in the hierarchical structure to access all the directories under that directory. As a result, the burden of managing the keys imposed on the user can be less than when each piece of data is encrypted with a different encryption key.
However, in the method of the above-mentioned document, none of the data in the directory can be accessed if the user has lost the encryption key. In other words, the burden of managing the keys imposed on the user is reduced, but the effect of losing one encryption key is greater.
For example, when the encryption key is stored in a storage medium such as a smartcard and that storage medium is lost, none of the encrypted data in the secret information management apparatus can be decrypted.
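The per-directory key hierarchy described above, and the effect of losing the one key the user holds, can be modeled as follows. This is an added illustration, not code from the cited publication or from this specification. Assumptions: each directory stores the wrapped keys of its direct children (which transitively reaches every directory below it), all class and function names are hypothetical, and a SHA-256 counter-mode keystream with HMAC stands in for a real cipher.

```python
import hashlib, hmac, os

def _keystream(key, nonce, n):
    # SHA-256 in counter mode: an illustrative stand-in, not a production cipher
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _subkeys(key):
    return [hmac.new(key, label, hashlib.sha256).digest() for label in (b"enc", b"mac")]

def seal(key, data):
    """Encrypt-then-MAC built from stdlib primitives (stand-in for an AEAD)."""
    ek, mk = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(ek, nonce, len(data))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ek, mk = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or corrupted blob")
    return bytes(a ^ b for a, b in zip(ct, _keystream(ek, nonce, len(ct))))

class Directory:
    def __init__(self, name, parent=None, files=None):
        self.name, self.children = name, {}
        self._key = os.urandom(32)  # known to the server only while provisioning
        self.files = {n: seal(self._key, d) for n, d in (files or {}).items()}
        self.wrapped_keys = {}      # child name -> child's key sealed under this key
        if parent is not None:
            parent.children[name] = self
            parent.wrapped_keys[name] = seal(parent._key, self._key)

def read_subtree(directory, key):
    """Decrypt every file at or below `directory` given only that directory's key."""
    out = {f"{directory.name}/{n}": unseal(key, b) for n, b in directory.files.items()}
    for name, child in directory.children.items():
        out.update(read_subtree(child, unseal(key, directory.wrapped_keys[name])))
    return out

def build_example():
    # Constructed sample tree ID1 > ID2 > ID3 with one file per directory
    root = Directory("ID1", files={"policy": b"P"})
    dept = Directory("ID2", root, {"budget": b"B"})
    team = Directory("ID3", dept, {"notes": b"N"})
    return root, dept, team
```

Holding only the key of ID2 recovers the files of ID2 and ID3 but not ID1, and once that key is gone, `read_subtree` fails for the whole ID2 subtree because no stored blob can be unsealed.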