In a cryptographic key generation and sharing system, there exist two networks (a cryptographic key sharing network and an application network). The cryptographic key sharing system is constituted of networked nodes that are connected to each other by a plurality of links. Each node has the function of generating a random number and sharing it with an opposed node that is connected thereto by a link and the function of performing cryptographic communication over a link by using the random number generated and shared as a cryptographic key (hereinafter, referred to as a “link key”).
In a node, the function of generating a random number and sharing it with an opposed node that is connected thereto by a link can also be implemented using, for example, a technique that is commonly called “quantum cryptography” or “quantum key distribution (QKD)”.
However, in the conventional technique, there has been a drawback that, in such a case that failures occur in nodes or errors occur in a network, there exists the possibility that inconsistency occurs in the cryptographic key information shared between nodes.