摘要 |
[Problem] To decrypt encrypted data even if a user forgets a password. [Solution] When a user terminal requests a reset of a password, an encryption key management device requests an approval from a manager terminal. When the manager terminal approves, the encryption key management device converts a manager password to a manager password key (211) by use of a one-way function and decrypts an encrypted user password key (222), thereby acquiring a user password key (201). Then, the encryption key management device uses the user password key (201) to decrypt an encrypted user key (200), thereby acquiring a user key (202). Thereafter, the encryption key management device converts a new user password to a new user password key (201) by use of a one-way function and encrypts the user key (202), thereby remaking an encrypted user key (200), and further uses the manager password key (211) to encrypt the new user password key (201), thereby remaking an encrypted user password key (222). |