Abstract: A use right information processing apparatus securely manages a use right without using an authentication server and appropriately allowing a valid user to use a device. The apparatus performs processing related to authentication and authorization for a user to use a device to be controlled using a smart contract. The apparatus stores authentication data shared with a user terminal used by the user and having a different value for each process, receives signature data generated in the user terminal by signing the authentication data using a secret key corresponding to the user, derives a public key corresponding to the secret key from the signature data and the authentication data using an elliptic curve digital signature algorithm, and obtains, using the public key or corresponding identification information, information regarding a use right of the device of the user recorded in advance in association with the public key or the identification information.