Professional Documents
Culture Documents
CHAPTER-3
Ad-hoc Networks
3.1 Introduction of secret sharing scheme in key management
Shamir had proposed a method for dividing a data sequence D into n fragments in
such a way that D can be easily reconstructed from any k pieces using Lagranges
Interpolation. This technique enables the construction of robust key management for
cryptographic system.
distributes shares of a secret to participants such that (1) any subset in can reconstruct the
secret from its shares, and (2) any subset not in cannot obtain any partial information
about the secret in the information theoretic sense. A secret sharing scheme is called ideal
if shares of shareholders are taken from the same domain as the secret.
The requirement of the key being secret brings several problems. Storing a secret
key with only one person or server or database reduces the security of the system to the
security and credibility of that agent. Besides, not having a backup of the key introduces
the problem of losing the key if a mischief occurs. On the other hand, if the key is held by
more than one agent an adversary with a desire for the key has more flexibility of
choosing the target. Hence the security is reduced to the security of the least secure or
24
least credible of these agents. Secret sharing schemes are introduced to solve these
problems of key management. The main idea of these schemes is to share a secret among
a set of agents such that only the predefined coalitions can come together and reveal the
secret, while no other coalition can obtain any information about the secret. Thus, the
keys used in areas requiring vital secrecy like large-scale finance applications and
command control mechanisms of nuclear systems, can be stored by using secret sharing
schemes.
Here secret is shared to detect malicious nodes in the network. The original secret
key can be reconstructed by applying private key for their corresponding public key
encrypted data.
Detection of cheaters:
an ability to verify that (a) the secret shadows obtained from the dealer are derived
consistently from the same secret and (b) the secret shadows obtained from the other
shareholder in the secret reconstruction process are genuine shadows. These abilities are
very important. For example, a dishonest dealer can cheat some shareholders by giving
them fake shadows. Communication errors (i.e., noise) can also result in fake shadows. A
shareholder may also cheat others in the secret reconstruction process by presenting a
multiple individuals called participants (or shareholders) that are engaged in encryption
This architecture follows the dynamic topology of the networks, in which the participants
reside. The secret value is redundantly split into n pieces and is distributed among
participants such that t or more than t pieces can recover the original secret value. This is
secured message transmission (SMT) between two nodes over n multiple paths in
robust, and efficient key management system. General Key management primitives and
trust models are described below. The key is a piece of input information for
cryptography algorithms. First, if the key is discovered, the encrypted information can be
revealed. The secrecy of the private key must be assured locally. The key encryption key
(KEK) approach could be used at local hosts. Second, key distribution and key agreement
26
over an insecure channel are risky and suffer from potential attacks. In the traditional
digital envelope approach, a session key is generated at one side encrypted by the public-
key algorithm, and then delivered and recovered at other end. In the Diffie Hellman (DH)
scheme, the communication parties at both sides exchange some public information and
generate a common session key. Several enhanced DH schemes have been proposed to
protocols and frameworks have been designed and built. However, in mobile ad hoc
networks the computational load and complexity of the key agreement protocol are
strongly restricted by the nodes available resources, the dynamic network topology, and
These keys or certificates can be distributed to the nodes automatically via a key
In our work we address the secret distribution to achieve the privacy and
security in MANETs [Crescenzo, 2005]. However, there are some basic aspects that are
common to all security protocols. Avoiding those crucial system events is carried out
under the responsibility of a single node. Every node will be authorized, authenticated,
and non-repudiated. Data should be confidential and it cannot be modified easily [Hu,
27
2004]. Threshold cryptography can provide solutions of fundamental help for aspects of
literature considering such aspects. In this work, we implement a scheme which would be
competent with respect to the mentioned security aspects and it would be computationally
secured as well.
Secret sharing was first proposed by Blakley, 1979 and Shamir, 1979. The scheme
scheme by Blakley, 1979 is based on the geometric idea that uses the concept of
Threshold cryptography based schemes for MANET. The Chinese Remainder Theorem
has been in use for quite a long time in the field of deterministic key pre-distribution.
Ravi K. et.al ,2009 proposed efficient and attack resistant key agreement scheme for
secure group communications in Mobile Ad hoc Networks. This scheme also used CRT
for group key generation. The concept of group key generation suffered from updation
overhead due to the dynamic nature of MANET. Amuthan et.al, 2011 proposed secure
routing scheme in MANETs using Secret Sharing. This protocol proposes a secret
sharing scheme using Shamir's secret sharing scheme approach. Papadimitoras and Hass,
2003 design Secure Data Transmission in Mobile Ad hoc Network which is based on
28
multiple paths for mobile ad hoc networks. The scheme focused its attention on privacy
and robustness in communication. For privacy, a coding scheme using XOR operation
Given any set of k shares can determined the secret s where s (s1 , s2 ,..., sk )
Given any set of k-1 and lesser shares gives no information about the secret s.
Let there are Pi participants where 1 i n . Let S is secret space and T be the share
space be the vector spaces over field F. Assume that f : S T be the one to one share
function to compute shares for n participants. Let s (s1 , s2 ,..., sk ) be the vector space
consisting of k secrets and T (t1 , t2 ,..., tn ) f (s) the share given only to ith participant
is ti .
Initialization Phase
space s.
29
Distribution Phase
Let ei F k be the vector with the ith entry being identity element 1 and other
entries being the zero element of F such that every vector s F k can be
k
expressed as s si ei .
i 1
k k
f ( s) f si ei si f (ei ) sG (t1 , t2 ,..., tn ) where G is k n generator
i 1 i 1
Distribute the shares to the n participants such that ith participant gets the ti th
share for 1 i n .
Choose any k (threshold value) columns of generator matrix to form a sub matrix
G(i1 , i2 ,..., iu ) where i1 , i2 ,..., iu are the i1th , i2th ,..., iu th columns of given generator
matrix and 1 u n .
Initialization:
Dealer uses a Shamir scheme to distribute shares of an initial secret 1 with threshold
t0 among players P p1 , p2 ,..., pn and then he leaves the scheme. Suppose there are
m levels L1 , L2 ,..., Lm with set of players n1 , n2 ,..., nm and thresholds t1 , t2 ,..., tm
corresponds to field Fq
Sharing Phase:
Now P P ni
For i [1, m 1] , i 1 i i
After calculating { 2 , 3 ,...., m } they keep only shares of m as their final shares.
For i [1, m 1]
Now, if a set i of at least ti players cooperates, they can recover the secret by using the
Now we got level wise secrets i.e m from level m, m1 from level (m-1),
Polynomial production:
Each from the t players Pi shares a secret, say i , i [1, t ] among all the players
using a Shamir scheme, where the degree of the secret sharing polynomial is t-1.
Every player adds his shares of the i s together. As a result, each players has a
32
degree at most t-1 such that gi (0) f (i) .He then gives gi ( j ) to Pj for
j
j j , j i for all i .
j 1
Each player Pj (1 j n) erase his old shares, and then combines the
auxiliary shares he has received from other players to compute his new
In our scheme, generally, every participating node and its share were verified by
the verification scheme all the shares for participating nodes are consistent. In the sharing
phase, the dealer cannot generate inconsistent shares. At least one of the verification
equations does not satisfy if the dealer generates an inconsistent share. All the
repudiated, then at least one verification equation will not be satisfied. In such a case, the
cheated node is treated as malicious nodes. This is a cooperative approach where the i th
nodes share would be verified by the other coalition member. Hence, there is no scope of
cheating by any nodes which acts as maliciously. If all the shares are valid, then the
participating nodes would obtain the secret value. It always satisfies the validity of the
shared secret values, because no adversary is able to participate in the coalition easily.
When the verification equation is not satisfied for any node, then it is identified as an
adversary.
Discussion
sharing schemes which is based on code based secret sharing schemes and dynamical
inner components of key management scheme are made by these secret sharing schemes.
This key management is based on the secret sharing scheme, where the system secret is
node to request service from a well maintained group rather than from multiple
independent service providers which may be spread in a large area. It is much easier for
servers to coordinate within the group rather than with the entire network during the
secret share updating phase. Future, we integrate our proposed scheme to the key
management approach.