Encryption is often used to ensure the confidentiality of data messages exchanged in networks of wireless nodes, and key distribution is an important problem because the security of the system depends on keeping the secret keys secret. Traditional ways to handle this problem are by using symmetric ciphers to distribute the keys or to use asymmetric (public key) algorithms. Public key algorithms inherently have some attributes that make key distribution a simpler problem, but they are more computationally intensive than symmetric key algorithms. Symmetric key algorithms tend to be more efficient for resource-constrained nodes but offer no intrinsic help for the problem of key distribution. A traditional way to address key distribution without using asymmetric ciphers is to use either the old key to encrypt the new key or to use a key distribution key (some call this a “master key”) to encrypt the new key. However both of these solutions have potential problems. In the first instance, if a key is compromised, i.e. learned by an unauthorized agent, then the new key is trivially also retrieved by this unauthorized party because the new key is encrypted with the old compromised key. Anyone who knows the old key can, if they are listening at the right time, also discover the new key. In the latter case, in which a key distribution key is used to encrypt the new key, the problem is similar because if the key distribution key is compromised, then all subsequent key changes are also compromised. Additionally, there is the question of how one securely changes the key distribution key.