JPH08123758A - Digital information storing system and its method - Google Patents

Abstract

PURPOSE: To provide a system and a method capable of storing digital information received from an information center or the like or prepared by a user himself (or herself) and allowed to be optionally reused in each user's terminal and distributing the stored information to the corresponding terminal at need. CONSTITUTION: Digital information recorded in information recording means 21 built in plural user's terminals 20 is sent to an information storage 40 together with user identification(ID) numbers stored in respective user ID number storing means 22 through a communication line 30 and stored in an information storing means 41 correspondingly to the user ID numbers, and at the time of receiving a user ID number and an information receiving request message from a user terminal 20 omitted with digital information or the terminal itself, the digital information corresponding to the user ID number is extracted from the means 41 and transmitted to the user terminal 20 to recover the information.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to digital information received from an information center or the like at a plurality of user terminals or digital information created by the user himself and which can be reused at will. The present invention relates to a digital information storage system and method for storing it for each case and delivering it to a corresponding user terminal as needed.

[0002]

2. Description of the Related Art In recent years, digital information compression techniques for audio, moving images, still images, etc. (eg MPEG = Moving Picture I)
mage Coding Expert Group, JPEG = Joint Photogra
phic Expert Group, etc.) and the development of high-speed digital communication technology represented by ISDN.
It has become possible to convert a copyrighted work such as a book into digital information, compression-encode it, and deliver it from an information center or the like to each user terminal via a communication line.

For computer software, which has a smaller amount of data than digital information such as the above-mentioned images, there is an example in which a delivery service has already been implemented using personal computer communication or the like, and its application form is shown in FIG. Such a digital information communication system (Japanese Patent Application No. 6-8057)
There is No. 0).

In FIG. 2, 1 is a card, 2 is a terminal device, and these constitute a user terminal 3. Further, 4 is a communication line composed of a public telephone network, a dedicated network or the like (including wired / wireless), and 5 is an information center.

The card 1 is provided with a security information storage means 6 for storing a user identification number, a card secret key, title information of digital information, a decryption key, etc., and is detachably attached to the terminal device 2. To be

The terminal device 2 has a communication control means 7 for controlling communication with the information center 5, a verification means 8 for verifying digital signature information from the information center 5, a verification means 9 for verifying information content, Input means 1 for entering password
0, session key extracting means 11 for extracting a session key received from the information center 5, signature generating means 12 for performing a digital signature, encryption / decryption means 13 for performing encryption / decryption processing of digital information, and received information is accumulated. The information storage means 14 and the information output means 15 for reading the received information and outputting it in a usable format are provided.

In the above configuration, when the user terminal 3 receives a digital information delivery service (usually charged) from the information center 5, the signature generation means 12 and the verification means 8 cause the user terminal 3 and the information center 5, respectively. After exchanging and verifying the digital signature of the
Then, the digital information is encrypted, the digital information is stored in the information storage means 14, and the information title, the decryption key, etc. of the digital information are stored in the security information storage means 6 of the card 1. Similarly, with respect to the digital information created by the user himself, the digital information is encrypted by the encryption / decryption means 13 and stored in the information storage means 14, and the information title, the decryption key, etc. of the digital information are stored in the card 1. The information is stored in the security information storage means 6.

In the user terminal 3, when using the digital information, the collating means 9 collates the password, and then the decryption key corresponding to the title of the digital information to be used is supplied from the security information accumulating means 6 of the card 1. The information is extracted, the encryption / decryption means 13 uses this to decrypt the corresponding digital information body in the information storage means 14, and the information output means 15 outputs it.

[0009]

By the way, in the user terminal described above, it is not the original user who stores the user identification number, the information title of the digital information, the decryption key, etc. in the removable card. In order to prevent the information from being extracted from the information center using the identification number and the digital information stored in the terminal device being used arbitrarily, the information in the card is generally stored in another medium. Can not be backed up.

On the other hand, since there is a limit to the amount of information that can be stored in the user terminal, especially the amount of information that can be stored in the card, unnecessary digital information that has not been used very often can be stored in the title of the card based on the user's operation. The information and the decryption key are deleted from the terminal device or overwritten with new information.

However, in this case, there is a case where necessary digital information is erased intentionally or erroneously, or the digital information accumulated in the terminal device cannot be used due to the card being stolen or lost. In such a case, conventionally, there is a problem in that the same digital information delivery service is again received from the information center and the user himself has to create the service, resulting in unnecessary cost and effort.

An object of the present invention is to provide digital information received from an information center or the like at a plurality of user terminals or digital information created by the user himself and which can be arbitrarily reused for each user terminal. It is to provide a digital information storage system and method that can be stored and can be delivered to a corresponding user terminal as needed.

[0013]

In order to achieve the above object, the present invention records digital information received from an information center or the like, or digital information created by the user himself and which can be arbitrarily reused. A plurality of user terminals having an information recording means and a user identification number accumulating means for recording the user identification number generated by the user or issued by an information center or the like, and via each user terminal and a communication line. The information storage unit is provided with an information storage unit that is connected and stores the user identification number storage unit and the information recorded in the information recording unit corresponding to each user terminal.

[0014]

According to the present invention, even when necessary digital information is erased by the user's intention or erroneous operation, or even when the digital information stored in the user terminal cannot be used due to theft or loss, the user can use the digital information. By transmitting the information reception request message together with the user identification number from the person terminal to the information storage, the digital information stored in the information storage means of the information storage can be downloaded.

[0015]

1 shows a first embodiment of a digital information storage system of the present invention. In the figure, 20 is a plurality of user terminals, 30 is a communication line, and 40 is an information storage.

The user terminal 20 is an information recording means 21 for recording digital information received from an information center or the like or digital information created by the user himself and which can be arbitrarily reused, and generated by the user. It is provided with a user identification number accumulating means 22 for recording the user identification number or a user identification number issued by an information center or the like, and a communication control means 23 for communicating with the information storage 40 via the communication line 30.

FIG. 3 shows an example of information storage of the information recording means 21, in which the title number, the decryption key and the information body corresponding to each digital information are present. Further, FIG. 4 shows an example of information storage of the user identification number storage means 22.

Incidentally, the parts relating to the transmission and reception of digital information to and from the information center (not shown) and the parts relating to the creation and use of the digital information by the user themselves, which have been described in the conventional example, are not directly related to the present invention. I omitted it. Although the integrated device is shown here, a card having means for accumulating title information, decryption key, user identification number, etc. of digital information, and a terminal device having information recording means and other means It goes without saying that it may be a separate type device constituted by.

The communication line 30 is composed of a public telephone network, a dedicated network or the like (including wired / wireless), and may be the same as the communication line connecting each user terminal and the information center.

The information storage unit 40 stores the contents of the user identification number storage means and the information recording means in each user terminal 20 correspondingly, and each user terminal 20 via the communication line 30. And a communication control means 42 for communicating with. FIG. 5 shows an example of information storage of the information storage means 41.

FIG. 6 shows a procedure for storing and recovering digital information in the first embodiment, and the operation will be described below according to this procedure.

First, the procedure for storing information will be described. The user terminal 20 receives the digital information I such as the title number, the decryption key and the information body shown in FIG. 21 (step S1), and user identification number ID as shown in FIG.
u is taken out from the user identification number storage means 22 (step S2), and both are sent via the communication line 30 to the information storage 4
0 (step S3). After that, information storage 4
0 stores the digital information I and the user identification number IDu in the information storage means 41 in association with each other (step S).
4).

Next, a description will be given of the recovery procedure when the loss of information occurs intentionally or erroneously. User terminal 2
0 sends an information reception request message together with the user identification number IDu to the information storage 40 (step S5). The information storage 40 collates the information in the information storage means 41 with the received user identification number IDu (step S6), extracts the corresponding digital information I (step S7),
It transmits to the user terminal 20 (step S8). afterwards,
The user terminal 20 stores the information in the information recording means 21 (step S9). By the above procedure, the information recovery is completed and the information can be used again.

If the information cannot be used due to the theft or loss of the card in the separated user terminal, a card reissuing procedure is performed at the card issuing center.
The recovery procedure described above is performed after the same card is obtained.

FIG. 7 shows a second embodiment of the present invention, in which the digital information is encrypted by the common key cryptosystem in the first embodiment and then transmitted to the information storage. Indicates. The common key cryptosystem is
It is an encryption method such as DES and FEAL that uses the same key for encryption and decryption.

In the figure, 20A is a user terminal, and an encryption / decryption means 24 for encrypting and decrypting information by a common key cryptosystem, and a common key storage means 25 for storing a common key at the time of encryption and decryption. The user terminal 20 is similar to the user terminal 20 of FIG. Further, 50 is a communication line similar to the communication line 30.

Reference numeral 60 denotes a terminal information issuing center that issues and manages the common key of the user terminal 20A, and terminal key information management means 61 that manages the history of the key information of the user terminal 20A issued in the past. A decoding means 62 for decoding the information,
An encryption means 63 for encrypting information and a communication control means 64 for communicating with the information storage 40 via the communication line 50 are provided. The rest of the configuration is similar to that of the first embodiment.

FIG. 8 shows an example of the contents of the terminal key information management means 61. User identification numbers IDu1 and IDu
For the user terminal 20A corresponding to 2, ..., The history of the past common key issued when the terminal or card is lost (Ko
11, Ko12, ..., Ko21, Ko22, ...) And the latest common key (Kn1, Kn2, ...) Information is recorded.

FIG. 9 shows a procedure for storing and recovering digital information in the second embodiment, and the operation will be described below in accordance with this procedure.

First, the procedure for storing information will be described. The user terminal 20A uses the information recording means 21 to read the digital information I.
Is taken out (step S11), and the user identification number IDu is taken out from the user identification number accumulating means 22 (step S12). Next, the common key Ko issued in advance by the terminal information issuing center 60 is taken out from the common key storage means 25 (step S13), and the digital information I is encrypted by the encryption / decryption means 24 by the common key cryptosystem. After (step S14), the information is sent to the information storage 40 together with the user identification number IDu (step S15) and stored in the information storage means 41 (step S16).

Next, the recovery procedure when the user terminal is reissued due to loss or theft or when the digital information is lost intentionally or by mistake is explained. The user terminal 20A is used in the information storage 40. Person identification number IDu
To request reception of the accumulated digital information (step S17). The information storage 40 collates the received user identification number IDu (step S18), and outputs the encrypted digital information of the corresponding user to Ko (I).
Is taken out (step S19) and transmitted to the terminal information issuing center 60.

The terminal information issuing center 60 collates the received user identification number IDu (step S20), and the digital information I among the old common keys corresponding to the user terminal 20A from the terminal key information management means 61. The common key Ko at the time when is stored is taken out (step S21). The digital information is decrypted by the secret key cryptosystem with the common key Ko (step S22), and the latest common key Kn is taken out from the terminal key information management means 61 (step S2).
3), the digital information I is encrypted (step S
24) After that, via the information storage 40, the user terminal 20A
(Step S25).

The user terminal 20A takes out the latest common key Kn from the common key storage means 25 (step S26), decrypts the digital information I by the encryption / decryption means 24 (step S27), and then the information recording means. 21 is stored (step S28). By the above procedure, it is possible to easily recover the digital information previously registered / stored.

FIG. 10 shows a third embodiment of the present invention. Here, in the second embodiment, the digital information is encrypted by the public key cryptosystem instead of the common key cryptosystem, and then the information storage section. The following shows an example of sending to.
The public key cryptosystem is a cryptosystem that uses different keys for encryption (public key) and decryption (secret key) represented by RSA.

In the figure, 20B is a user terminal, which is provided with a public key storage means 26 for storing a public key at the time of encryption and a secret key storage means 27 for storing a secret key at the time of decryption. Except for this, it is the same as the user terminal 20A in FIG. In addition,
The other structure is the same as that of the second embodiment.

FIG. 11 shows an example of the contents of the terminal information management means 61. For the user terminal 20B corresponding to the user identification number IDu1, IDu2, ..., History of past secret keys (Ks11, Ks1) issued when the terminal or the card is lost.
2, ..., Ks21, Ks22, ...) And the latest public key (Kp1, Kp2, ...) Information is recorded.

FIG. 12 shows a procedure for storing and recovering digital information in the third embodiment, and the operation will be described below in accordance with this procedure.

First, the procedure for storing information will be described. The user terminal 20B uses the information recording means 21 to store the digital information I.
Is taken out (step S31), and the user identification number IDu is taken out from the user identification number accumulating means 22 (step S32). Next, the public key Kpo issued in advance by the terminal information issuing center 60 is retrieved from the public key storage means 26 (step S33), and the digital information I is encrypted by the encryption / decryption means 24 by the public key cryptosystem. After (step S34), it is transmitted to the information storage 40 together with the user identification number IDu (step S35) and stored in the information storage means 41 (step S36).

Next, the recovery procedure when the user terminal is reissued due to loss or theft or when the digital information is lost intentionally or by mistake is explained. The user terminal 20B is used in the information storage 40. Person identification number IDu
To request reception of the accumulated digital information (step S37). The information storage 40 collates the received user identification number IDu (step S38), and the encrypted digital information Kpo (I) of the corresponding user.
Is taken out (step S39) and transmitted to the terminal information issuing center 60.

The terminal information issuing center 60 collates the received user identification number IDu (step S40), and the digital information I among the old secret keys corresponding to the user terminal 20B from the terminal key information management means 61. The secret key Kso at the time when is stored is taken out (step S41). The digital information is decrypted by the public key cryptosystem with the secret key Kso (step S42), and the latest public key Kpn is taken out from the terminal key information management means 61 (step S43) to encrypt the digital information I. (Step S44) After that, via the information storage 40, the user terminal 2
0B (step S45).

The user terminal 20B retrieves the latest secret key Ksn from the secret key storage means 27 (step S46),
After the digital information I is decrypted by the encryption / decryption means 24 (step S47), it is stored in the information recording means 21 (step S48). By the above procedure, it is possible to easily recover the digital information previously registered / stored.

FIG. 13 shows a fourth embodiment of the present invention. Here, when the user terminal connects to the information storage, the user terminal and the information storage are authenticated by the public key cryptosystem. By this, an example in which it becomes possible to identify the valid connection partners will be shown.

In the figure, 20C is a user terminal, which is a certificate storage means 28 for storing a certificate certifying the public key of the user terminal, and an information storage verification means 29 for verifying the validity of the information storage. The user terminal 20B is similar to the user terminal 20B in FIG. 40A is an information storage, and a public key storage means 43 for storing the public key of the information storage.
And a private key storage means 44 for storing the private key of the information storage.
And a certificate storage means 45 for storing a certificate for certifying the public key of the information storage, a user verification means 46 for verifying the user, and an encryption / decryption for encryption / decryption by the public key cryptosystem. It is the same as the information storage 40 in FIG. 7 or FIG. 10 except that it is provided with means 47. The other structure is the same as that of the second embodiment.

FIG. 14 shows an authentication procedure in the fourth embodiment, and the operation will be described below in accordance with this.

When storing or retrieving information from the user terminal 20C to the information storage 40A, the user terminal 20C first stores the public key certificate Xu of the user terminal in the certificate storage means 28.
Further take out (step S51). Next, the public key Kpu is taken out from the public key storage means 26 and the secret key Ksu is taken out from the secret key storage means 27 (step S5).
2) The encryption / decryption means 24 decrypts (signs) the request (storage, retrieval request) text Req with the secret key Ksu (step S53), and then the user identification number IDu, certificate Xu, public key Kpu, The signature information Ksu (Req) is transmitted to the information storage 40A (step S54).

In the information storage 40A, the user verification means 46 verifies the user's signature by the following procedure (step S55).

(1) Kpc (Xu) → Kpu '(2) Kpu' = Kpu? (3) Kpu (Ksu (Req)) → Req = correct request statement? The method is generally a procedure for verifying and signing a public key certificate by public key cryptography. In addition, steps (1) and (3)
The encryption / verification means 4 calculates the encryption (verification) process.
It is carried out in 7. Here, Kpc is the public key of the terminal information issuing center 60. There are various methods such as a method of storing the public key in the information storage verification unit 29 when the user terminal 20C is issued, and a method of receiving the public key from the terminal information issuing center 60 or the public key storage center each time the verification is performed. .

Next, the information storage cabinet 40A retrieves the public key certificate Xb of the information storage cabinet from the certificate storage means 45 (step S56), and retrieves the public key Kpb from the public key storage means 43 (step S57). , The response text Res is decrypted (signed) to obtain the signature text Ksb (Res) (step S58). The response text means an acknowledgment message for the request text Req. The creation / decryption of the signature text is performed by the encryption / decryption means 47.

The response sentence K signed by the information storage 40A
sb (Res) is transmitted to the user terminal 20C together with the certificate Xb and the public key Kpb (step S59). In the user terminal unit 20C, the information storage verification unit 29 verifies the signature of the information storage 40A according to the following procedure (step S).
60).

(1) Kpc (Xb) → Kpb '(2) Kpb' = Kpb? (3) Kpb (Ksb (Res)) → Res = correct response sentence? After the mutual authentication succeeds in the above procedure, the second or third
Based on the above embodiment, the digital information is transmitted from the user terminal to the information storage and stored / stored in the information storage means 41. In addition, when the user terminal requests the information storage to receive the previously stored information, mutual authentication is performed based on the present embodiment and succeeds, and then based on the second or third embodiment. Then, the digital information is transmitted from the information storage to the user terminal, further decoded, and stored and stored again in the information recording means 21.

FIG. 15 shows the processing procedure of the fifth embodiment of the present invention. Here, when the user terminal stores digital information in the information storage, it receives the storage confirmation signature from the information storage. The following shows an example that enables a reliable storage procedure. The system configuration is similar to that of the fourth embodiment.

First, the user terminal 20C is the information recording means 2
The digital information I is extracted from 1 (step S7
1) The user identification number IDu is taken out from the user identification number storage means 22 (step S72). Next, the digital information I and the user identification number IDu are stored in the information storage 4
0A (step S73). Information storage 40A
Stores the received digital information I in the information storage means 41 in association with the user identification number (step S74), adds the signature Sign (I) to the received information (step S75), and the user It is returned to the terminal 20C. The signature method is shown in the following equation.

Sign (I) = Ksb (h (I)) where h (I) is the result of applying the hash function to the information I. Further, Ksb is a secret key of the information storage 40A, and Ksb (h (I)) decrypts h (I) with the key Ksb (signature) by the encryption / decryption means 47 shown in FIG.
It is the value.

The user terminal 20C verifies the received signature information of the information storage 40A. The verification method is shown in the following formula.

Kpb (Sign (I)) = Kpb (Ksb (h (I))) = h ′ (I) h (I) = h ′ (I)? If successful (when h (I) = h '(I)), the digital information transmission / storage procedure is performed according to the first to fourth embodiments.

[0056]

As described above, according to the present invention, digital information such as music and video information received from an information center or the like via a communication line or digital information created by a user is accumulated and stored a plurality of times. When you use it,
Even if the digital information required is lost by the user's intention or misoperation, or the accumulated digital information becomes unusable due to theft or loss, the aforementioned digital information recovery can be performed immediately. Again, there is no need to purchase the same information again from an information center or the like, or the user himself / herself has to create it, and there is an advantage that there is no risk of unnecessary cost and effort.

Further, according to the present invention, the digital information is encrypted by various encryption methods, the mutual authentication between the user terminal and the information storage, the reception signature function in the information storage, etc. There is an advantage that the data recovery system and method can be added depending on the importance of contents, fee, and required security level, and a safer and more reliable data recovery system and method can be provided.

It is considered that the present invention will become an important system and method as paid multimedia information represented by video-on-demand and the like will be distributed by the network in the future.

[Brief description of drawings]

FIG. 1 is a diagram showing a first embodiment of a digital information storage system of the present invention.

FIG. 2 is a diagram showing an example of a conventional digital information communication system.

FIG. 3 is a diagram showing an example of information storage of information recording means in the first embodiment.

FIG. 4 is a diagram showing an example of information storage of a user identification number storage means in the first embodiment.

FIG. 5 is a diagram showing an example of information storage of an information storage unit in the first embodiment.

FIG. 6 is a diagram showing a procedure for storing and recovering digital information in the first embodiment.

FIG. 7 is a diagram showing a second embodiment of the present invention.

FIG. 8 is a diagram showing an example of contents of terminal key information management means in the second embodiment.

FIG. 9 is a diagram showing a procedure for storing and recovering digital information in the second embodiment.

FIG. 10 is a diagram showing a third embodiment of the present invention.

FIG. 11 is a diagram showing an example of contents of terminal key information management means in the third embodiment.

FIG. 12 is a diagram showing a procedure for storing and recovering digital information in the third embodiment.

FIG. 13 is a diagram showing a fourth embodiment of the present invention.

FIG. 14 is a diagram showing a procedure for storing and recovering digital information in the fourth embodiment.

FIG. 15 is a diagram showing a processing procedure of a fifth embodiment of the present invention.

[Explanation of symbols]

20, 20A, 20B, 20C ... User terminal, 21 ... Information recording means, 22 ... User identification number storage means, 23 ... Communication control means, 24 ... Encryption / decryption means, 25 ... Common key storage means, 26 ... Public key storage means, 27 ... Private key storage means, 28 ... Certificate storage means, 29 ... Information storage warehouse verification means, 30, 50 ... Communication line, 40, 40A ... Information storage warehouse, 41 ... Information storage means, 42 ... Communication control means, 43 ...
Public key storage means, 44 ... Private key storage means, 45 ... Certificate storage means, 46 ... User verification means, 47 ... Encryption / decryption means, 60 ... Terminal information issuing center, 61 ... Terminal key information management means, 62 Decryption means, 63 encryption means, 64 communication control means.

Claims (9)

[Claims] 1. An information recording means for recording digital information received from an information center or the like or digital information created by the user and reusable arbitrarily, and a user-generated or information center etc. A plurality of user terminals having a user identification number storage means for recording the user identification number issued in 1. and a user identification number storage means in each user terminal connected to each user terminal via a communication line. A digital information storage system, comprising: an information storage unit having an information storage unit that stores correspondingly the recorded contents of the information recording unit. 2. Each user terminal is provided with an encryption / decryption means for encrypting and decrypting digital information by a common key cryptosystem, and a common key storage means for storing a common key at the time of encryption and decryption, A terminal key information management unit that is connected to an information storage via a communication line and manages a history of key information of each user terminal issued in the past, a decryption unit that decrypts digital information, and an encryption of digital information 2. The digital information storage system according to claim 1, further comprising a terminal information issuing center having an encryption means. 3. An encryption / decryption means for encrypting and decrypting digital information in each user terminal by a public key cryptosystem, a public key storage means for storing a public key at the time of encryption, and a private key for decryption. And a secret key storage means for storing the key information, and a terminal key information management means for managing the history of key information of each user terminal issued in the past, which is connected to the information storage via a communication line, and digital information. 2. The digital information storage system according to claim 1, further comprising a terminal information issuing center having a decrypting means for decrypting and an encrypting means for encrypting digital information. 4. A certificate storage means for storing a user certificate certified by the terminal information issuing center in each user terminal,
An information storage storage verification means for verifying the validity of the information storage storage is provided, and a public key storage means for storing the public key of the information storage storage in the public key cryptosystem and the information storage in the public key cryptosystem are provided in the information storage storage. Private key storage means for storing the private key of the warehouse,
Certificate storage means for storing the certificate of the information storage certified by the terminal information issuing center, user verification means for verifying the legitimacy of the user, and encryption / decryption means for encrypting and decrypting by the public key cryptosystem. 4. The digital information storage system according to claim 3, further comprising: 5. Digital information received from an information center or the like, or digital information created by the user himself / herself, which can be reused at will, is sent directly from a plurality of user terminals together with a user identification number or a communication line. To the information storage, the information storage stores the user identification number and the digital information in association with each other, and when the reception request of the digital information occurs, the information reception request message is sent from the user terminal. Is sent to the information storage with the user identification number directly or via a communication line, and when the information storage receives the information reception request message,
A digital information storage method, characterized in that digital information corresponding to a user identification number is taken out and transmitted to a corresponding user terminal directly or through a communication line. 6. When transmitting digital information from each user terminal to an information storage, the digital information is encrypted by a common key cryptosystem using a common key issued by a terminal information issuing center and stored in the information storage. When the information storage request is received and the information reception request message from the user terminal where the common key is reissued is received in the information storage, the encrypted digital information corresponding to the user identification number is taken out and directly or through the communication line. The terminal information issuance center sends it to the terminal information issuance center, which decrypts the digital information with the previously issued common key, re-encrypts it with the reissued common key, and sends it to the user terminal via the information storage and uses it. 6. The digital information storage method according to claim 5, wherein the person terminal decrypts the digital information with the reissued common key. 7. When transmitting digital information from each user terminal to an information storage, the digital information is encrypted by a public key cryptosystem using a public key issued by a terminal information issuing center and transmitted, When receiving the information reception request message from the user terminal in which the public key and the private key are reissued in the storage, the encrypted digital information corresponding to the user identification number is taken out and the terminal is directly or through the communication line. The information is sent to the information issuance center, and the terminal information issuance center decrypts the digital information with the previously issued secret key, re-encrypts it with the reissued public key, and sends it to the user terminal via the information storage. 6. The digital information storage method according to claim 5, wherein the terminal decrypts the digital information with a reissued secret key. 8. Before transmitting digital information from the user terminal to the information storage, a certificate certifying the public key of the user terminal and a certificate certifying the public key of the information storage are mutually transmitted. 8. The digital information storage method according to claim 7, wherein authentication is performed. 9. When transmitting digital information from a user terminal to an information storage, the information storage generates a digital signature statement for the received digital information and transmits the digital signature statement to the user terminal, 9. The digital information storage method according to claim 5, wherein the user terminal verifies the received digital signature text.