To secure the confidentiality and secrecy of communication data by exchanging a cryptographic key in a single session, while utilizing the standard protocols of the Internet, etc.
The term of validity of a cryptographic key in a single session is defined. Then, a communication time is managed by using first timers 27a, 27b or the like. When the expiration of the validity of the cryptographic key comes near, key-exchanging means 25a and 25b performs the exchanging (delivering) processing of a new cryptographic key by using the security function of a wide-area network. When old cryptographic key information and new cryptographic key information coexist in SA database 24a and 24b, the newest cryptographic key information is selected by referring to a time stamp.