# Implementation of Elliptic Curves in the Polynomial Blom Key Pre-Distribution Scheme for Wireless Sensor Networks and Distributed Ledger Technology

^{*}

## Abstract

**:**

## 1. Introduction

**The objectives:**This paper is based on the key pre-distribution scheme proposed in [10]. The objectives of this paper are listed below:

- We propose a modified scheme that can be used for any arbitrary $\lambda $;
- We discuss and prove the security of the proposed scheme against the coalition of the sensor nodes.

**Our contribution:**In this paper, we propose a novel key pre-distribution scheme. Specifically, we successfully implement elliptic curves over a prime field by fixing the proposed scheme in [10], and we show that the fixed scheme is applicable for arbitrary $\lambda $. We also prove that the proposed scheme is $\lambda $-secure. Our proposed scheme has full connectivity, supports the mobility of nodes in the network, has high scalability, and uses the elliptic curves group law and scalar multiplication in the calculation instead of just adding and multiplying integers. The comparison of our proposed scheme and other existing key distribution schemes that are based on Blom’s scheme is discussed in Section 6.3. The proposed scheme is designed to be implemented in WSNs. In addition, this scheme can also be implemented in DLT.

**The flow of the paper:**The remainder of the paper is organized as follows: The literature review related to the proposed scheme is presented in Section 2. In Section 3, the preliminaries are covered. The proposed scheme is introduced in Section 4. The security of the proposed scheme is explained in Section 5. Lastly, Section 6 and Section 7 provide the discussion and conclusion, respectively.

## 2. Literature Review

#### 2.1. Application of Blom’s Scheme in WSN

#### 2.2. Application of Blom’s Scheme in DLT

## 3. Preliminaries

#### 3.1. Greatest Common Divisor

**Proposition**

**1.**

#### 3.2. Elliptic Curves

**Definition**

**1.**

**Theorem**

**1.**

- 1.
- Let H be any subgroup of G. The order of H divides the order of G;
- 2.
- Let $g\in G$. The order of g divides the order of G.

#### 3.3. Lagrange Interpolation Polynomial

**Theorem**

**2.**

## 4. Materials and Methods

#### 4.1. Blom’s Key Pre-Distribution Scheme

- Before the deployment of the sensor nodes, an offline key distribution center will first construct a $(\lambda +1)\times N$ matrix C over a finite field ${\mathbb{F}}_{q}$ of order q, where q is a prime power and $q>N$. Matrix C is publicly known, which means any sensors and adversaries are allowed to know C. Let ${c}_{i}$ be the $i\mathrm{th}$ column of matrix C, where $1\le i\le N$. Note that ${c}_{i}$ is a $(\lambda +1)$-tuple over ${\mathbb{F}}_{q}$. Column ${c}_{i}$ is assigned to node ${U}_{i}$.
- Then, the key distribution center will create a random $(\lambda +1)\times (\lambda +1)$ symmetric matrix D over ${\mathbb{F}}_{q}$. Matrix D must be kept secret, which means any sensors and adversaries are not allowed to know D.
- The key distribution center will compute an $N\times (\lambda +1)$ matrix M such that $M={(D\xb7C)}^{T}$, where ${(D\xb7C)}^{T}$ is the transpose of $(D\xb7C)$.
- Let ${m}_{i}$ be the i row of matrix M, where $1\le i\le N$. Note that ${m}_{i}$ is a $(\lambda +1)$-tuple over ${\mathbb{F}}_{q}$. The key distribution center will then give ${m}_{i}$ to node ${U}_{i}$ over a secure channel.
- Let us say node ${U}_{i}$ wants to communicate with node ${U}_{j}$. Both will compute the same key, as follows:
- Node ${U}_{i}$ will compute ${m}_{i}\xb7{c}_{j}$, which we call ${k}_{i,j}$. Note that ${k}_{i,j}$ is a single element in ${\mathbb{F}}_{q}$.
- Node ${U}_{j}$ will compute ${m}_{j}\xb7{c}_{i}$, which we call ${k}_{j,i}$. Note that ${k}_{j,i}$ is a single element in ${\mathbb{F}}_{q}$.

#### 4.2. Scalar Multiplication on Elliptic Curves over Finite Field

**Theorem**

**3.**

**Proof**

**of**

**Theorem**

**3.**

#### 4.3. Proposed Algorithm for Arbitrary $\lambda $

- 1.
- Let p be a prime greater than 3, and p is publicly known to all. Let N be the total number of nodes. Let ${U}_{s}$ be the s node where $1\le s\le N$. The trusted authority (TA) chooses an elliptic curve E over prime field ${\mathbb{F}}_{p}$ such that$$E:{y}^{2}={x}^{3}+Ax+B$$$$E\left({\mathbb{F}}_{p}\right)=\{(x,y)\in {\mathbb{F}}_{p}\times {\mathbb{F}}_{p}\mid {y}^{2}={x}^{3}+Ax+B\}\cup \left\{{\mathcal{O}}_{\infty}\right\}$$
- 2.
- ${\mathbb{Z}}_{\left|E\right({\mathbb{F}}_{p}\left)\right|}$ is the set of integers modulo $\left|E\right({\mathbb{F}}_{p}\left)\right|$. TA selects an element ${r}_{{U}_{s}}\in {\mathbb{Z}}_{\left|E\right({\mathbb{F}}_{p}\left)\right|}$ for node ${U}_{s}$, which is also made public such that ${r}_{{U}_{s}}\ne {r}_{{U}_{t}}$ for $s\ne t$.
- 3.
- Let $\lambda \in \{1,2,3,...\}$. For $0\le i,j\le \lambda $, the TA chooses random points ${P}_{ij}\in E\left({\mathbb{F}}_{p}\right)$ where ${P}_{ij}=({x}_{ij},{y}_{ij})$ such that ${P}_{ij}={P}_{ji}$ and forms the polynomial$$f(x,y)=\sum _{i=0}^{\lambda}\sum _{j=0}^{\lambda}{P}_{ij}{x}^{i}{y}^{j}.$$The chosen ${P}_{ij}$ and the polynomial f above are privately known only by the TA. The polynomial f is symmetric, i.e., $f(x,y)=f(y,x)$. The number of points ${P}_{ij}$ to be chosen by the TA depends on the value of $\lambda $, where$$\mathrm{The}\phantom{\rule{4.pt}{0ex}}\mathrm{number}\phantom{\rule{4.pt}{0ex}}\mathrm{of}\phantom{\rule{4.pt}{0ex}}\mathrm{points}\phantom{\rule{4.pt}{0ex}}{P}_{ij}=\frac{(\lambda +1)(\lambda +2)}{2}.$$
- 4.
- For each node ${U}_{s}$, the TA computes$${g}_{{U}_{s}}\left(x\right)=f(x,{r}_{{U}_{s}}).$$The TA then privately sends ${g}_{{U}_{s}}\left(x\right)$ to node ${U}_{s}$ over a secure channel. Note that node ${U}_{s}$ only knows ${g}_{{U}_{s}}\left(x\right)$ and does not know the coefficients ${P}_{ij}$. ${g}_{{U}_{s}}\left(x\right)$ is privately known only by the TA and node ${U}_{s}$. Note that the scalar of each point can be reduced to modulo $\left|E\right({\mathbb{F}}_{p}\left)\right|$ based on Theorem 3.
- 5.
- If two nodes, ${U}_{1}$ and ${U}_{2}$, want to communicate with each other, they individually compute the common key (shared key), ${K}_{{U}_{1}{U}_{2}}$ (the same as ${K}_{{U}_{2}{U}_{1}}$), where node ${U}_{1}$ computes$${K}_{{U}_{1}{U}_{2}}={g}_{{U}_{1}}\left({r}_{{U}_{2}}\right)$$$${K}_{{U}_{2}{U}_{1}}={g}_{{U}_{2}}\left({r}_{{U}_{1}}\right).$$Note that ${K}_{{U}_{1}{U}_{2}}={K}_{{U}_{2}{U}_{1}}=f({r}_{{U}_{1}},{r}_{{U}_{2}})$.

#### 4.4. Example for $\lambda =2$

- 1.
- Let $p=11$ and p be publicly known to all. TA chooses an elliptic curve E over prime field ${\mathbb{F}}_{11}$ such that$$E:{y}^{2}={x}^{3}+x+6$$
- 2.
- Note that $\left|E\right({\mathbb{F}}_{11}\left)\right|=13$, which is a prime. TA selects an element ${r}_{{U}_{s}}\in {\mathbb{Z}}_{\left|E\right({\mathbb{F}}_{p}\left)\right|}$ for node ${U}_{s}$, which is also made public such that ${r}_{{U}_{s}}\ne {r}_{{U}_{t}}$ for $s\ne t$, as shown below.$$\begin{array}{cc}\hfill {r}_{{U}_{1}}& =10,\hfill \\ \hfill {r}_{{U}_{2}}& =7,\hfill \\ \hfill {r}_{{U}_{3}}& =1.\hfill \end{array}$$
- 3.
- Let $\lambda =2$. For $0\le i,j\le 2$, the TA chooses random points ${P}_{ij}\in E\left({\mathbb{F}}_{11}\right)$ where ${P}_{ij}=({x}_{ij},{y}_{ij})$ such that ${P}_{ij}={P}_{ji}$, as shown below.$$\begin{array}{ccc}\hfill {P}_{00}& =(2,4),\hfill & {P}_{10}={P}_{01}=(5,9),\hfill \\ \hfill {P}_{11}& =(8,3),\hfill & {P}_{12}={P}_{21}=(3,5),\hfill \\ \hfill {P}_{22}& =(7,2),\hfill & {P}_{02}={P}_{20}=(10,9).\hfill \end{array}$$The TA then forms the secret polynomial $f(x,y)$, as shown below.$$\begin{array}{cc}\hfill f(x,y)& =\sum _{i=0}^{2}\sum _{j=0}^{2}{P}_{ij}{x}^{i}{y}^{j}\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& ={P}_{00}{x}^{0}{y}^{0}+{P}_{01}{x}^{0}{y}^{1}+{P}_{02}{x}^{0}{y}^{2}+{P}_{10}{x}^{1}{y}^{0}+{P}_{11}{x}^{1}{y}^{1}+{P}_{12}{x}^{1}{y}^{2}+{P}_{20}{x}^{2}{y}^{0}+{P}_{21}{x}^{2}{y}^{1}+{P}_{22}{x}^{2}{y}^{2}\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =(2,4)+(5,9)y+(10,9){y}^{2}+(5,9)x+(8,3)xy+(3,5)x{y}^{2}+(10,9){x}^{2}+(3,5){x}^{2}y+(7,2){x}^{2}{y}^{2}.\hfill \end{array}$$
- 4.
- For node ${U}_{1}$, the TA computes$$\begin{array}{cc}\hfill {g}_{{U}_{1}}\left(x\right)& =f(x,{r}_{{U}_{1}}=10)\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& ={P}_{00}+{P}_{01}\left({r}_{{U}_{1}}\right)+{P}_{02}{\left({r}_{{U}_{1}}\right)}^{2}+{P}_{10}x+{P}_{11}\left({r}_{{U}_{1}}\right)x+{P}_{12}{\left({r}_{{U}_{1}}\right)}^{2}x+{P}_{20}{x}^{2}+{P}_{21}\left({r}_{{U}_{1}}\right){x}^{2}+{P}_{22}{\left({r}_{{U}_{1}}\right)}^{2}{x}^{2}\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =(3,5)+(10,9)x+(10,9){x}^{2}.\hfill \end{array}$$For node ${U}_{2}$, the TA computes$$\begin{array}{cc}\hfill {g}_{{U}_{2}}\left(x\right)& =f(x,{r}_{{U}_{2}}=7)\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& ={P}_{00}+{P}_{01}\left({r}_{{U}_{2}}\right)+{P}_{02}{\left({r}_{{U}_{2}}\right)}^{2}+{P}_{10}x+{P}_{11}\left({r}_{{U}_{2}}\right)x+{P}_{12}{\left({r}_{{U}_{2}}\right)}^{2}x+{P}_{20}{x}^{2}+{P}_{21}\left({r}_{{U}_{2}}\right){x}^{2}+{P}_{22}{\left({r}_{{U}_{2}}\right)}^{2}{x}^{2}\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =(8,8)+(3,5)x+(3,6){x}^{2}.\hfill \end{array}$$For node ${U}_{3}$, the TA computes$$\begin{array}{cc}\hfill {g}_{{U}_{3}}\left(x\right)& =f(x,{r}_{{U}_{3}}=1)\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& ={P}_{00}+{P}_{01}\left({r}_{{U}_{3}}\right)+{P}_{02}{\left({r}_{{U}_{3}}\right)}^{2}+{P}_{10}x+{P}_{11}\left({r}_{{U}_{3}}\right)x+{P}_{12}{\left({r}_{{U}_{3}}\right)}^{2}x+{P}_{20}{x}^{2}+{P}_{21}\left({r}_{{U}_{3}}\right){x}^{2}+{P}_{22}{\left({r}_{{U}_{3}}\right)}^{2}{x}^{2}\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =(7,9)+(10,9)x+(5,9){x}^{2}.\hfill \end{array}$$The TA then privately sends ${g}_{{U}_{1}}\left(x\right)$, ${g}_{{U}_{2}}\left(x\right)$, and ${g}_{{U}_{3}}\left(x\right)$ to nodes ${U}_{1},{U}_{2}$, and ${U}_{3}$, respectively, over a secure channel. Note that the scalar of each point can be reduced to modulo $\left|E\right({\mathbb{F}}_{11}\left)\right|$ based on Theorem 3.
- 5.
- If ${U}_{2}$ and ${U}_{3}$ want to communicate with each other, they individually compute the common key (shared key), ${K}_{{U}_{2}{U}_{3}}$ (the same as ${K}_{{U}_{3}{U}_{2}}$), where node ${U}_{2}$ computes$$\begin{array}{cc}\hfill {K}_{{U}_{2}{U}_{3}}& ={g}_{{U}_{2}}\left({r}_{{U}_{3}}\right)\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =(8,8)+\left(1\right)(3,5)+\left({1}^{2}\right)(3,6)\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =(8,8)\hfill \end{array}$$$$\begin{array}{cc}\hfill {K}_{{U}_{3}{U}_{2}}& ={g}_{{U}_{3}}\left({r}_{{U}_{2}}\right)\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =(7,9)+\left(7\right)(10,9)+\left({7}^{2}\right)(5,9)\hfill \\ \hfill \phantom{\rule{1.em}{0ex}}& =(8,8).\hfill \end{array}$$Note that ${K}_{{U}_{2}{U}_{3}}={K}_{{U}_{3}{U}_{2}}=f({r}_{{U}_{2}},{r}_{{U}_{3}})$.

## 5. Results

**Theorem**

**4.**

**Proof**

**of**

**Theorem**

**4.**

**Theorem**

**5.**

**Proof**

**of**

**Theorem**

**5.**

- ${f}^{*}$ is symmetric, i.e., ${f}^{*}(x,y)={f}^{*}(y,x)$;
- For $1\le i\le k$, it holds that ${f}^{*}(x,{r}_{{U}_{i}})=f(x,{r}_{{U}_{i}})={g}_{{U}_{i}}\left(x\right)$;
- ${f}^{*}$ has a degree of at most $\lambda $ in both x and y, since $f(x,y)$ has a degree of at most $\lambda $ in both x and y and $k\le \lambda .$

**Theorem**

**6.**

**Proof**

**of**

**Theorem**

**6.**

## 6. Discussion

#### 6.1. The Application of the Proposed Scheme in Hyperledger Fabric DLT

#### 6.2. The Pros and Cons

**The advantages:**

- 1.
- The proposed scheme has high connectivity, which means all nodes in the network are able to compute the shared keys among each other. In other words, the probability of sharing keys between nodes is 1.
- 2.
- The proposed scheme has high scalability, which means our proposed scheme can be used in networks with a huge number of nodes.
- 3.
- The proposed scheme supports the mobility of a node as long as the identities or the public keys of the new neighboring nodes are already stored in the moving node.
- 4.
- The information needed to establish the shared keys are stored in the nodes before deployment by an offline TA. Therefore, an adversary cannot attack the TA to obtain the secret polynomial $f(x,y)$ and the information required to compute the shared keys.
- 5.
- Elliptic curves are used in the proposed scheme, which increases the complexity of the calculation. Scalar multiplication and the group law of elliptic curves are implemented, instead of just adding and multiplying integers.
- 6.
- This scheme can be implemented in WSNs, and also possibly in DLT technology, as discussed earlier.

**The disadvantages:**

- 1.
- The proposed scheme does not support the flexibility requirement. In other words, if our proposed scheme is implemented in a network, then new joining nodes cannot simply join the network, since the identities or the public keys of the new nodes were not distributed in the existing nodes before deployment.
- 2.
- The proposed scheme is not secure against the capture of nodes. However, Albakri et al. [23] mentioned that there are several security mechanisms that can be utilized to eliminate this problem, such as tamper-proof mechanisms to protect the information in the nodes from an attacker, even if the attacker captures the nodes.

#### 6.3. The Comparison of the Proposed Scheme with Other Existing Schemes

## 7. Conclusions

## Author Contributions

## Funding

## Institutional Review Board Statement

## Informed Consent Statement

## Data Availability Statement

## Acknowledgments

## Conflicts of Interest

## Abbreviations

WSN | wireless sensor network |

TA | trusted authority |

DLT | distributed ledger technology |

MSP | membership service provider |

MRD | maximum rank distance |

MDS | maximum distance separable |

PKI | public key infrastructure |

## References

- Dargie, W.; Poellabauer, C. Fundamentals of Wireless Sensor Networks: Theory and Practice, 1st ed.; John Wiley & Sons Ltd.: West Sussex, UK, 2010; ISBN 978-0-470-99765-9. [Google Scholar]
- Gaubatz, G.; Kaps, J.-P.; Sunar, B. Public key cryptography in sensor networks–revisited. In Proceedings of the Security in Ad-hoc and Sensor Networks, Heidelberg, Germany, 6 August 2004; pp. 2–18. [Google Scholar]
- Rivest, R.L.; Shamir, A.; Adleman, L. A method for obtaining digital signatures and public–key cryptosystems. Commun. ACM
**1983**, 26, 96–99. [Google Scholar] [CrossRef] - Miller, V.S. Use of Elliptic Curves in Cryptography. In Proceedings of the Advances in Cryptology—CRYPTO ’85, Santa Barbara, CA, USA, 18–22 August 1985; Lecture Notes in Computer Science. Williams, H.C., Ed.; Springer: Berlin/Heidelberg, Germany, 1985; Volume 218, pp. 417–426. [Google Scholar]
- Ahlawat, P. Key distribution and management in wsn security: A state of the art. Int. Innov. Technol. Explor. Eng. (IJITEE)
**2019**, 9, 462–472. [Google Scholar] [CrossRef] - Zhang, J.; Varadharajan, V. Wireless sensor network key management survey and taxonomy. J. Netw. Comput. Appl.
**2010**, 33, 63–75. [Google Scholar] [CrossRef] - Premamayudu, B.; Rao, B.T.; Rao, K.V.; Peram, S.R. Key pre- distribution protocol for node to node for wireless sensor networks. Ann. R. Soc. Cell Biol.
**2021**, 25, 16769–16779. [Google Scholar] - Dargahi, T.; Javadi, H.H.; Hosseinzadeh, M. Application-specific hybrid symmetric design of key pre–distribution for wireless sensor networks. Secur. Commun. Netw.
**2015**, 8, 1561–1574. [Google Scholar] [CrossRef] - Blom, R. An optimal class of symmetric key generation systems. In Proceedings of the Advances in Cryptology EUROCRYPT 1984, Paris, France, 9–11 April 1984; Beth, T., Cot, N., Ingemarsson, I., Eds.; Lecture Notes in Computer Science. Springer: Berlin/Heidelberg, Germany, 1985; Volume 209, pp. 335–338. [Google Scholar]
- Udin, M.N.; Mohd Amin, F.A.; Abdul Malek, A.; Zulkifili, N.A.; Ghazali, N.A.; Mohd Ridzuwan, S.A. Implementation of Blom’s key pre-distribution scheme by using elliptic curve cryptography. Malays. J. Comput.
**2021**, 6, 812–822. [Google Scholar] - El Ioini, N.; Pahl, C. A Review of Distributed Ledger Technologies. In Proceedings of the OTM 2018 Conferences, On the Move to Meaningful Internet Systems, Valletta, Malta, 22–26 October 2018; Panetto, H., Debruyne, C., Proper, H., Ardagna, C., Roman, D., Meersman, R., Eds.; Springer: Cham, Switzerland, 2018; pp. 277–288. [Google Scholar]
- Menezes, A.J.; Van Oorschot, P.C.; Vanstone, S.A. Handbook of Applied Cryptography, 1st ed.; CRC Press: Boca Raton, FL, USA, 1996; ISBN 0-8493-8523-7. [Google Scholar]
- Du, W.; Deng, J.; Han, Y.S.; Varshney, P.K.; Katz, J.; Khalili, A. A pairwise key pre-distribution scheme for wireless sensor networks. ACM Trans. Inf. Syst. Secur. (TISSEC)
**2005**, 8, 228–258. [Google Scholar] [CrossRef] - Lazos, L. ECE596C: Key Distribution. Available online: https://uweb.engr.arizona.edu/~ece596c/lazos/lectures/lecture15.pdf (accessed on 12 October 2022).
- Reddy, R.S. Key management in wireless sensor networks using a modified Blom’s scheme. arXiv
**2011**, arXiv:1103.5712. [Google Scholar] [CrossRef] - Khan, E.; Gabidulin, E.; Honary, B.; Ahmed, H. Matrix-based memory efficient symmetric key generation and pre-distribution scheme for wireless sensor networks. J. IET Wirel. Sens. Syst.
**2012**, 2, 108–114. [Google Scholar] [CrossRef] - Wang, Y.; Qin, Z.; Zhang, Q.; Wang, H.; Huang, J. A key pre- distribution scheme based on multiple key spaces in wireless sensor networks. In Proceedings of the 2014 Tenth International Conference on Computational Intelligence and Security, Kunming, China, 15–16 November 2014; pp. 652–656. [Google Scholar]
- Hussain, A.W.; Ibrahem, M.K. An efficient pairwise and group key management scheme for wireless sensor network. J. Int. J. Enhanc. Res. Sci. Technol. Eng.
**2015**, 4, 25–31. [Google Scholar] - Belim, S.V.; Belim, S.Y. Implementation of simplex channels in the Blom’s keys pre-distribution scheme. J. Phys. Conf. Ser.
**2019**, 1210, 1–5. [Google Scholar] [CrossRef] - Androulaki, E.; Barger, A.; Bortnikov, V.; Cachin, C.; Christidis, K.; De Caro, A.; Enyeart, D.; Ferris, C.; Laventman, G.; Manevich, Y.; et al. Hyperledger Fabric: A Distributed Operating System for Permissioned Blockchains. In Proceedings of the Thirteenth EuroSys Conference, Porto, Portugal, 23–26 April 2018; pp. 1–15. [Google Scholar]
- Hyperledger. Available online: http://www.hyperledger.org (accessed on 29 November 2022).
- Hyperledger Fabric. Available online: http://github.com/hyperledger/fabric (accessed on 29 November 2022).
- Albakri, A.; Harn, L.; Maddumala, M. Polynomial-Based Lightweight Key Management in a Permissioned Blockchain. In Proceedings of the 2019 IEEE Conference on Communications and Network Security (CNS), Washington, DC, USA, 10–12 June 2019; pp. 1–9. [Google Scholar]
- Summary for Greatest Common Divisor. Available online: https://www.xiangsun.org/wp-content/uploads/2013/02/gcd.pdf (accessed on 12 October 2022).
- Washington, L.C. Elliptic Curves: Number Theory and Cryptography, 2nd ed.; Chapman & Hall/CRC: Boca Raton, FL, USA, 2008; ISBN 978-1-4200-7146-7. [Google Scholar]
- Pinter, C.C. A Book of Abstract Algebra, 2nd ed.; Dover Publications, Inc.: Mineola, NY, USA, 1990; ISBN 978-0-486-47417-5. [Google Scholar]
- Burden, R.L.; Faires, J.D. Numerical Analysis, 9th ed.; Brooks/Cole, Cengage Learning: Boston, MA, USA, 2011; ISBN 978-0-538-73351-9. [Google Scholar]
- Kandi, M.A.; Kouicem, D.E.; Doudou, M.; Lakhlef, H.; Bouabdallah, A.; Challal, Y. A decentralized blockchain-based key management protocol for heterogeneous and dynamic IoT devices. Comput. Commun.
**2022**, 191, 11–25. [Google Scholar] [CrossRef]

Notation | Description |
---|---|

p | A prime |

${\mathbb{F}}_{p}$ | Finite field with p elements |

N | The total number of nodes |

$\lambda $ | A positive integer |

gcd $(a,b)$ | The greatest common divisor of integers a and b |

E | An elliptic curve defined over field K of form $E:{y}^{2}={x}^{3}+Ax+B$ where |

$A,B\in K$ | |

$E\left(L\right)$ | The set of points with coordinates in some field L on E, i.e., |

$$E\left(L\right)=\{(x,y)\in L\times L\mid {y}^{2}={x}^{3}+Ax+B\}\cup \left\{{\mathcal{O}}_{\infty}\right\}$$
| |

$\left|E\left({\mathbb{F}}_{p}\right)\right|$ | The number of points on E |

${\mathbb{Z}}_{\left|E\right({\mathbb{F}}_{p}\left)\right|}$ | Integers modulo $\left|E\left({\mathbb{F}}_{p}\right)\right|$ |

P | A point on E |

${\mathcal{O}}_{\infty}$ | Point at infinity on E |

$f(x,y)$ | A secret symmetric bivariate polynomial known only by the trusted authority |

${U}_{s}$ | The $s\mathrm{th}$ node where $1\le s\le N$ |

${r}_{{U}_{s}}$ | The public key of node ${U}_{s}$ used in the proposed scheme where $1\le s\le N$ |

${g}_{{U}_{s}}\left(x\right)$ | $f(x,{r}_{{U}_{s}})$, i.e., secret information given to node ${U}_{s}$ where $1\le s\le N$ |

${K}_{{U}_{s}{U}_{t}}$ | $f({r}_{{U}_{s}},{r}_{{U}_{t}})$, i.e., the shared key between node ${U}_{s}$ and node ${U}_{t}$ where $1\le s\le N$, |

$1\le t\le N$ and $s\ne t$ |

Requirement | Description |
---|---|

Resilience | Capturing devices must have a minimal impact on the network security |

Connectivity | The probability of sharing keys between nodes must be maximum |

Mobility | Moving devices must share keys with their new neighbors |

Flexibility | Devices must be able to join or leave the network at any time |

Scalability | Increasing the network size must not degrade performance |

Scheme | Resilience | Connectivity | Mobility | Flexibility | Scalability | Use of Elliptic Curves | Value of $\mathit{\lambda}$ |
---|---|---|---|---|---|---|---|

Blom [9] | $\lambda $ | 1 | Yes (within network) | No | High | No | Any positive integer |

Lazos [14] | $\lambda $ | 1 | Yes (within network) | No | High | No | Any positive integer |

Khan et al. [16] | N (total number of nodes) | 1 | Yes (within network) | Yes | High | No | Any positive integer |

Wang et al. [17] | $\lambda $ | 1 | Yes (within network) | Yes | High | No | Any positive integer |

Udin et al. [10] | Unknown | 1 | Yes (within network) | No | High | Yes | 1 |

Our scheme | $\lambda $ | 1 | Yes (within network) | No | High | Yes | Any positive integer |

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |

© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Antony, S.N.F.M.A.; Bahari, M.F.A.
Implementation of Elliptic Curves in the Polynomial Blom Key Pre-Distribution Scheme for Wireless Sensor Networks and Distributed Ledger Technology. *J. Sens. Actuator Netw.* **2023**, *12*, 15.
https://doi.org/10.3390/jsan12010015

**AMA Style**

Antony SNFMA, Bahari MFA.
Implementation of Elliptic Curves in the Polynomial Blom Key Pre-Distribution Scheme for Wireless Sensor Networks and Distributed Ledger Technology. *Journal of Sensor and Actuator Networks*. 2023; 12(1):15.
https://doi.org/10.3390/jsan12010015

**Chicago/Turabian Style**

Antony, Siti Noor Farwina Mohamad Anwar, and Muhammad Fatihin Afiq Bahari.
2023. "Implementation of Elliptic Curves in the Polynomial Blom Key Pre-Distribution Scheme for Wireless Sensor Networks and Distributed Ledger Technology" *Journal of Sensor and Actuator Networks* 12, no. 1: 15.
https://doi.org/10.3390/jsan12010015