A cryptographic communication network is known that is configured with a plurality of networked nodes which is mutually connected by a plurality of links. Each node has the function of generating and sharing a random number with opposite nodes that are connected by links (hereinafter, also referred to as “a generating-sharing function”), as well as has the function of performing cryptographic communication over a link by using the random number as a cryptographic key (hereinafter, referred to as “a link key”). Moreover, some of the nodes also have the function of generating a random number independent of the links, as well as have the function of sending the generated random number to a different node. In a cryptographic communication network, an application has the function of obtaining a random number from a node, using the random number as a cryptographic key (hereinafter, referred to as “an application key”), and performing cryptographic communication with another application. Herein, an application can be configured in an integrated manner with the nodes, or can be configured as a terminal independent of the nodes.
In a node, the generating-sharing function, by which a random number (a link key) is generated and shared with opposite nodes connected by links, can be implemented using a technology that is commonly called quantum cryptographic communication, for example. In this case, the technology by which, in a node, a random number (an application key) is generated independent of the links and sent to a different node via a link may be called quantum key distribution (QKD).
In a node in a cryptographic communication network, a random number (i.e., an application key) generated independent of the links is only a finite resource in the cryptographic communication network. Moreover, even regarding the speed of generating an application key, there is an upper limit from the technical perspective. Hence, as far as an application is concerned, although the method of obtaining an application key from a node and performing cryptographic communication is the most secure way of communication; it may not necessarily be the most suitable cryptographic communication if the cost is also taken into account. For example, in the light of the limitations in communication throughput and the cost incurred due to the use of finite resources, there are times when some other cryptographic communication method (i.e., a communication method other than the method of obtaining an application key from a node in a cryptographic communication network and performing cryptographic communication) fulfills the demands of an application even if there is a decline in the level of security. In this way, the method of obtaining an application key from a node and performing cryptographic communication is not always necessarily the most suitable method. Thus, in the conventional method, after taking into account the throughput and the cost, it is not possible to select the most suitable cryptographic communication method in the context of the demands of an application.