Abstract: To provide a cryptographic system capable of flexibly changing decryption authorization and preventing the action of a third person impersonating a user having the decryption authorization to improperly utilize the system. When an enciphered file is accepted in a client, a decryptor ID, a creator ID, and a first enciphered session key are transmitted to a key management server 10 (step 141). It is judged whether or not the creator ID is stored as a decryption object ID in a management database in correspondence with the decryptor ID (step 147). When the creator ID is stored, the first enciphered session key is deciphered with an inherent key corresponding to the creator ID in the management database (step 148), and the obtained session key is enciphered with a public key corresponding to the decryptor ID (step 149). A secret key is used in a client which has received a second enciphered session key so that deciphering processing is performed, to obtain a session key.

Abstract: A plaintext file 41 is enciphered using a file key 44, to generate ciphertext 42. The file key 44 is enciphered using a secret key 47 and a management key 48, respectively, to form an enciphered key 1 (45) and an enciphered key 2 (46). An enciphered file 43 is produced from the ciphertext 42, the enciphered key 1 and the enciphered key 2. At the time of decryption, the enciphered key 1 is taken out from the enciphered file 43. The enciphered key 1 taken out is deciphered using a secret key 47, to obtain a file key 44. The ciphertext 42 is deciphered using the file key 44, to obtain the plaintext 41.

Abstract: Information is read from a medium such as paper in which information is written. The read information is enciphered. When encryption processing is performed, an encryption key is used. As the encryption key, an encryption key generated for each encryption is used, or an encryption key already generated is used again. The enciphered information is written into another medium such as paper. When decryption processing is performed, information is read from the medium in which the enciphered information is written. The read information is deciphered using as a decryption key the same key as the encryption key used when the encryption processing is performed. The deciphered information is written into another medium such as paper.