**3. Secret sharing-based key management (SSKM)**

Lan Yun et al. [7] presented an algorithm called secret sharing-based key management (SSKM) which can prevent several attacks effectively and reduce the energy consumption. SSKM includes two-level key management. One is to protect communication between base station (BS) and cluster head (CH); another relates to communication between CH and member nodes. Besides, the SSKM utilizes Shamir's secret sharing scheme to distribute keys. The proposed method also dynamically generates different keys based on different polynomials from BS in different periods which can protect the network from the compromised nodes and reduce the high probability of the common keys.

The SSKM was proposed to perform in a hierarchical architecture which consists of a base station and several clusters. Each cluster includes cluster heads and member node. CH manages the cluster and deals with information from member nodes forward to base station (BS).

The SSKM is based on Shamir's scheme to distribute the keys. Though this scheme is information theoretically secured, there are some requirements in this situation:


In initial phase, during each session period *l* (*l =* 1*,…,M*), BS randomly generates *m* polynomials *f*(*x*) of (*t −* 1) degree. One of the polynomials *fCin*(*x*) is used to key distribute between BS and cluster heads. Other *m −* 1 polynomials are used to key distribute among cluster head and member nodes in *m −* 1 clusters, respectively. After that, BS selects M session keys {*KCin*} and {*KCHi}* from GF(Q ) in the finite field Q. *KCin* is the session key in network key management (between BS and CH), while *KCHi* is the session key in cluster key management (between CH and member nodes). Session keys are hidden by calculating *ZCin = KCin + SCin* and *ZCHi = KCHi + SCHi*; *SCin* and *SCHi* are the secrets. BS/CHs broadcast information Z to each CH/member node.

To protect the communication, the discrete logarithm in the finite field and DDH (decisional Diffie-Hellman) assumption are adopted. As a result, secrets {*SCin*}, {*SCHi*} and session keys {*KCin*} and {*KCHi*} are kept confidential. After recovering the secret S using (*t, n*) threshold scheme, users can get session key *K = Z – S*.

SSKM provides an energy-efficient solution in which almost computations were performed by BS, and CHs just exchange parameters to BS to adjust polynomials for key generation/cancelation. SSKM also resolves challenging security issues by localizing key things based on secret sharing scheme. Network key and cluster key management are salient solutions in this work which are mainly responsible for the security protection in a group of members as well as the whole network.

Despite the outstanding advantages, this method is just well-performed in a hierarchical architecture which needs trusted central authorities (BS or CHs). Consequently, the network may be broken down when those authorities are compromised.
