A user private key is stored in a database of the user terminal. A user public key and user information are stored in the user management DB. The encryption/decryption unit encrypts an authority private key specific to a first authority given to a user, by using a user public key associated with user information to indicate a user. The secret sharing unit shares in secret an authority private key into two or more shared authority private keys. The encryption/decryption unit encrypts the shared authority private keys, by using an authority public key specific to each of second authorities to manage the first authority in a shared manner. The authority management DB stores the encrypted authority private key and authority public key in association with the first authority, and stores the encrypted shared authority private keys in association with the second authorities.