Some conventional secure systems for networks of this kind are based on keying material share distribution schemes called alpha-secure, in which a node belonging to a network is not directly provided with a ready-made cryptographic key, but with some node-specific keying material allowing it to compute a shared key with another node of the network, for securing communication. This node-specific information is a keying material share derived from a root keying material held in a management device of the network. The root keying material is such that the capture of fewer than alpha nodes, and thus the combination of fewer than alpha keying material shares, does not reveal anything about the root keying material. Consequently, such systems offer good resiliency under attack when alpha is chosen large enough. Uncorrelation techniques can be used to further increase the system security by uncorrelating the keying material shares distributed to the nodes, thus preventing attackers from gaining knowledge about the underlying root keying material, without interfering in the key generation process.
Alpha-secure systems enable different security functionalities, including key distribution, broadcasting information, and cryptographically linking information to the keying material shares carried by an entity by means of lightweight digital certificates.
The root keying material is, for example, a symmetric bivariate polynomial of degree alpha, and the keying material share of a node is obtained by evaluating this bivariate polynomial at a point corresponding to an identifier of this node.
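The construction described above, as an added example that is not part of the original text: a management device builds a symmetric bivariate polynomial of degree alpha, derives each node's share by evaluating it at the node identifier, and two nodes then compute the same pairwise key. The field modulus, the value of alpha, the node identifiers and all function names are assumptions chosen for illustration, and no uncorrelation step is applied.

```python
import secrets

P = 2**127 - 1   # assumed prime field modulus (a Mersenne prime)
ALPHA = 4        # assumed polynomial degree

def make_root(alpha, p=P):
    """Root keying material: symmetric coefficient matrix a[i][j] == a[j][i]
    of f(x, y) = sum a[i][j] * x^i * y^j (mod p). Held only by the manager."""
    a = [[0] * (alpha + 1) for _ in range(alpha + 1)]
    for i in range(alpha + 1):
        for j in range(i, alpha + 1):
            a[i][j] = a[j][i] = secrets.randbelow(p)
    return a

def make_share(root, node_id, p=P):
    """Keying material share: coefficients of g(y) = f(node_id, y) (mod p)."""
    n = len(root)
    return [sum(root[i][j] * pow(node_id, i, p) for i in range(n)) % p
            for j in range(n)]

def pairwise_key(share, peer_id, p=P):
    """A node evaluates its own share at the peer's identifier (Horner's rule)."""
    key = 0
    for coeff in reversed(share):
        key = (key * peer_id + coeff) % p
    return key

def share_bits(share, p=P):
    """Storage a node needs for its share: (alpha + 1) field elements."""
    return len(share) * p.bit_length()

def demo():
    root = make_root(ALPHA)
    node_a, node_b = 0x1001, 0x2002          # constructed identifiers
    share_a = make_share(root, node_a)
    share_b = make_share(root, node_b)
    # Symmetry f(a, b) == f(b, a) gives both nodes the same key
    # without either of them ever holding the root keying material.
    return (pairwise_key(share_a, node_b),
            pairwise_key(share_b, node_a),
            share_bits(share_a))

if __name__ == "__main__":
    k_ab, k_ba, bits = demo()
    print("keys match:", k_ab == k_ba, "| share size in bits:", bits)
```

Each node stores alpha + 1 field elements and performs alpha modular multiplications per key, so both memory and computation grow with alpha and with the size of the field.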
Generally, polynomials over large finite fields are used, which means that their coefficients lie in large prime finite fields, and computation is therefore resource-intensive. However, the devices included in wireless sensor networks or other similar networks are generally resource-constrained in terms of computational and communication resources. Accordingly, conventional methods are not well adapted to such networks.
Alternative solutions carrying out key segmentation have also been proposed. These solutions rely on the use of several sub-polynomials concatenated to form a polynomial representing a keying material. However, this segmentation, even though it reduces the number of computing operations, does not help solve the issue of resource requirements, notably in terms of memory size.
The use of alpha-secure systems for the generation of polynomial-based certificates introduces further challenges for their efficient implementation. Identity segmentation techniques can be applied; however, there is an important trade-off between two possible configurations. The first is based on the use of a high number of short segments. The second uses a few large segments. While the first has higher memory requirements, the second has higher computational requirements due to the longer segment size.