In an information processing apparatus, a key management unit forms a judgment as to whether an authentication key owned by an application program is valid or invalid. A content protection unit is controlled based on this determination so that contents are exchanged between the information processing apparatus and the application program. An encryption/decryption unit encrypts a decrypted content by using an encryption key received from a key management unit and outputs the encrypted content to an encrypted-information addition unit. The encrypted-information addition unit adds encrypted information to the encrypted content received from the encryption/decryption unit and outputs the encrypted content with the encrypted information added thereto to the application program. As a result, it is possible to prevent content from being utilized illegally.