The present invention provides an information processing device, an authentication system, etc. that save a server the trouble of updating a database, etc., even when a software module in a client device is updated, and that are capable of verifying whether software modules that have been started in the client device are valid. The terminal device A100 holds private keys 1 and 2, and performs authentication processing with the terminal device B101 using the private key 2. The private key 1 has been encrypted such that the private key 1 is decryptable only when secure boot is completed. The private key 2 has been encrypted such that the private key 2 is decryptable using the private key 1 only when the application module X that has been started is valid. When the authentication processing is successful, the terminal device B101 verifies that the terminal device A100 has completed secure boot and the application module X that has been started in the terminal device A100 is valid. Also, the terminal device B101 performs the authentication processing using the same private key 2, regardless of whether a program pertaining to the secure boot of the terminal device A100 is updated or not.