**2. Shamir's secret sharing scheme (SSSS)**

Shamir's secret sharing scheme (SSSS), also called a (*k, n*) threshold scheme, is a basic algorithm in cryptography created by Shamir [5]. A secret is divided into multiple parts which each part is given to every participant. To reconstruct the secret, participants have to possess sufficient number of parts. Otherwise, there is no way to reveal the original secret. The goal of Shamir's scheme is to divide *S* (secret) into n pieces of data *S1, S2, …, Sn* in such a way that knowledge of any *k* or more *Si* pieces makes *S* easily computable. This means any group of *k* pieces of data can reconstruct the secret.

Knowledge of *k −* 1 or fewer *Si* pieces leaves *S* completely undetermined. This means secret *S* cannot be reconstructed with fewer than *k* pieces.

The (*k, n*) threshold scheme is based on polynomial interpolation. To build polynomial *f*(*x*) *= a0 + a1x + a2x2 + … + ak <sup>−</sup>* 1*xk <sup>−</sup>* 1, (k <sup>−</sup> 1) elements *a1, a2, …, ak−*1 are selected randomly and let *a*<sup>0</sup> *= S*. With a set *idi, i =* 1*, …, n,* we calculate *f(idi)* and distribute a pair of *(idi, f(idi))* to *n* participants. For secret recovery phase, we need any subset of *k* of these pairs. From that, we can find the coefficients of the polynomial using interpolation and evaluate secret *S = f*(0). To be more efficient, the modular arithmetic is used instead of real arithmetic. The coefficients are randomly chosen in the finite field *GF*(*q*). Then, the pairs become (*idi, f*(*idi*)) *mod q*).

SSSS has a powerful mechanism in key distribution. The number of *Si* pieces can be dynamically adjusted according to number of members who join or leave the network. In order to enhance the security level, the shares must be changed frequently without changing the original secret by generating differently the polynomial *f*(*x*) with the same free term. SSSS is also suitable for hierarchical system in which the quantity of shares is given to members based on their importance in the system.

**45**

*KCHi*

*Key Management Techniques for Wireless Mesh Network DOI: http://dx.doi.org/10.5772/intechopen.83399*

**3. Secret sharing-based key management (SSKM)**

reduce the high probability of the common keys.

nodes forward to base station (BS).

adopted to address the problems.

situation:

channel.

The main issue of SSSS comes from cheaters inside the network. In the reconstruction phase, if a member accidently or intentionally provides his fake share, the original secret reconstructed might be wrong as well. Therefore, there is a need of verifying the correctness of the retrieved shares during the reconstruction process.

Lan Yun et al. [7] presented an algorithm called secret sharing-based key management (SSKM) which can prevent several attacks effectively and reduce the energy consumption. SSKM includes two-level key management. One is to protect communication between base station (BS) and cluster head (CH); another relates to communication between CH and member nodes. Besides, the SSKM utilizes Shamir's secret sharing scheme to distribute keys. The proposed method also dynamically generates different keys based on different polynomials from BS in different periods which can protect the network from the compromised nodes and

The SSKM was proposed to perform in a hierarchical architecture which consists of a base station and several clusters. Each cluster includes cluster heads and member node. CH manages the cluster and deals with information from member

The SSKM is based on Shamir's scheme to distribute the keys. Though this scheme is information theoretically secured, there are some requirements in this

1.The delivery of shares between dealer and users must operate in a secure

2.The pairs (*x, f*(*x*)) are made publicly known. However, for security purposes, the pairs must be kept as each user's secret. Therefore, the discrete logarithm in the finite field and DDH (decisional Diffie-Hellman) assumption are

In initial phase, during each session period *l* (*l =* 1*,…,M*), BS randomly generates *m* polynomials *f*(*x*) of (*t −* 1) degree. One of the polynomials *fCin*(*x*) is used to key distribute between BS and cluster heads. Other *m −* 1 polynomials are used to key distribute among cluster head and member nodes in *m −* 1 clusters, respectively. After that, BS selects M session keys {*KCin*} and {*KCHi}* from GF(Q ) in the finite field Q. *KCin* is the session key in network key management (between BS and CH), while

is the session key in cluster key management (between CH and member nodes).

Session keys are hidden by calculating *ZCin = KCin + SCin* and *ZCHi = KCHi + SCHi*; *SCin* and *SCHi* are the secrets. BS/CHs broadcast information Z to each CH/member node. To protect the communication, the discrete logarithm in the finite field and DDH (decisional Diffie-Hellman) assumption are adopted. As a result, secrets {*SCin*}, {*SCHi*} and session keys {*KCin*} and {*KCHi*} are kept confidential. After recovering the secret S using (*t, n*) threshold scheme, users can get session key *K = Z – S*. SSKM provides an energy-efficient solution in which almost computations were performed by BS, and CHs just exchange parameters to BS to adjust polynomials for key generation/cancelation. SSKM also resolves challenging security issues by localizing key things based on secret sharing scheme. Network key and cluster key management are salient solutions in this work which are mainly responsible for the

security protection in a group of members as well as the whole network.

*Wireless Mesh Networks - Security, Architectures and Protocols*

Many researchers have proposed numerous approaches for group key management. One of the most common group key management methods is secret sharing introduced by Shamir [5]. The schemes allow a master key (secret) to be shared to all authenticated users, but it can just be reconstructed when a node has enough number of shares. Combining with Shamir's method, Li and Xin used the self-certified public key system for proposal of a distributed key management approach [6]. All keys are generated and managed in a self-organizing way within the network, while there is no need of prebuilt trusted relationship between nodes. Lan Yun et al. introduced secret sharing-based management (SSKM) based on Shamir's scheme [7]. The proposed method dynamically generates a different key based on different polynomials from the base station in different periods which can protect the network from the compromised nodes and reduce the high probability of the common key. Filippo Gandino et al. [8] proposed a new key negotiation routine to deal with the case when a node is compromised by adversary. The goal of this algorithm is to reduce the time for the initialization phase as well as reduce the probability of compromised master secret. Singh et al. [9] combined Shamir's scheme and encryption method together by using only hash and XOR function to reduce the overhead for realistic WMNs which have limited resource. All attempts

of researchers are to enhance security reliability for key management.

Finally, the conclusion is drawn in Section VI.

**2. Shamir's secret sharing scheme (SSSS)**

can reconstruct the secret.

polynomial *f*(*x*) *= a0 + a1x + a2x2*

The remaining sections of this chapter are organized as follows. The detail approaches of other authors are introduced in section II, III, and IV. In section V, we proposed a new key management method using real-time synchronization among transceiver devices. In addition, we present our experiments and the result analysis.

Shamir's secret sharing scheme (SSSS), also called a (*k, n*) threshold scheme, is a basic algorithm in cryptography created by Shamir [5]. A secret is divided into multiple parts which each part is given to every participant. To reconstruct the secret, participants have to possess sufficient number of parts. Otherwise, there is no way to reveal the original secret. The goal of Shamir's scheme is to divide *S* (secret) into n pieces of data *S1, S2, …, Sn* in such a way that knowledge of any *k* or more *Si* pieces makes *S* easily computable. This means any group of *k* pieces of data

Knowledge of *k −* 1 or fewer *Si* pieces leaves *S* completely undetermined. This

The (*k, n*) threshold scheme is based on polynomial interpolation. To build

selected randomly and let *a*<sup>0</sup> *= S*. With a set *idi, i =* 1*, …, n,* we calculate *f(idi)* and distribute a pair of *(idi, f(idi))* to *n* participants. For secret recovery phase, we need any subset of *k* of these pairs. From that, we can find the coefficients of the polynomial using interpolation and evaluate secret *S = f*(0). To be more efficient, the modular arithmetic is used instead of real arithmetic. The coefficients are randomly

SSSS has a powerful mechanism in key distribution. The number of *Si* pieces can be dynamically adjusted according to number of members who join or leave the network. In order to enhance the security level, the shares must be changed frequently without changing the original secret by generating differently the polynomial *f*(*x*) with the same free term. SSSS is also suitable for hierarchical system in which the quantity of shares is given to members based on their importance in the system.

chosen in the finite field *GF*(*q*). Then, the pairs become (*idi, f*(*idi*)) *mod q*).

 *+ … + ak <sup>−</sup>* 1*xk <sup>−</sup>* 1, (k <sup>−</sup> 1) elements *a1, a2, …, ak−*1 are

means secret *S* cannot be reconstructed with fewer than *k* pieces.

**44**

The main issue of SSSS comes from cheaters inside the network. In the reconstruction phase, if a member accidently or intentionally provides his fake share, the original secret reconstructed might be wrong as well. Therefore, there is a need of verifying the correctness of the retrieved shares during the reconstruction process.
