**ABSTRACT**

This study proposes an anti-collusive self-healing group key distribution scheme with revocation using dual directional hash chain. The session key is computed from three parts: forward key, backward key and random session number. The former two parts are built on dual directional hash chain. Users are provided with a set of private secrets according to their legal lifetimes. In terms of communication cost, the proposed scheme is more efficient than the previous schemes not based on one-way hash chain and is slightly increased compared with the previous scheme based on one-way hash chain. According to the security analysis results, the proposed scheme can resist the collusion of revoked users and newly joined users.

PDF Abstract XML References Citation

####
**How to cite this article**

*Information Technology Journal, 8: 619-624.*

**DOI:**10.3923/itj.2009.619.624

**URL:**https://scialert.net/abstract/?doi=itj.2009.619.624

**INTRODUCTION**

Currently, wireless network has more applications in military operations, rescue missions, etc., where there are usually no network infrastructure supports and the adversaries may intercept, tamper even partially interrupt the communication. It is necessary to encrypt and authenticate the messages in the communication. Group key can be used to establish secure communication over an unreliable channel in wireless network.

In mobile wireless networks, users may move in or out of range frequently so that the topology of network dynamically changes with frequent membership changes. Therefore, group key must be re-keyed accordingly. When some legal users lost their keys due to network faults and then requested those keys from the group manager, not only the burden of the group manager was increased but also the wireless network traffic, as well. In order to make legal nodes recover their lost legal keys without asking the group manager, the research on self-healing key distribution started in 2002.

An important concept is session, which is a fixed interval of time. The group manager divides the total lifetime of group communication into certain number of sessions. Each session has a session key. At the beginning of group communication, the group manager sends personal secret information to each of initial group users. The group manager can add users to or remove users from the group at the beginning of each session. The central concept of self-healing key distribution is to broadcast some packets about key so that the legal users can recover their lost session keys due to network failure without requesting help from the group manager. It can decrease the work load on the group manager and reduce the network traffic. The self-healing key distribution scheme must guarantee that only legal users can recover their lost legal session keys but illegal users can not.

Our contributions in this study are as follows; first, we propose an efficient key distribution scheme with self-healing property and revocation capability for secure group communication in wireless network. Present scheme is based on dual directional hash chain so that it has significant improvement in terms of both communication and storage cost compared with those previous schemes which are not based on hash chains. Second, random numbers are used in the process of achieving the important factor for computing session keys. Therefore, our scheme can resist the collusion of revoked users and newly joined users, while the previous schemes based on hash chains can not totally overcome such flaw.

Self-healing key distribution with revocation was first introduced by Staddon *et al*. (2002). In terms of entropy theory, definitions and lower bounds on resources were provided. Liu *et al*. (2003) generalized the definition 2 in the scheme (Staddon *et al*., 2002) and provided a more efficient construction. Blundo *et al*. (2004) showed an attack applied to the first construction in scheme (Staddon *et al*., 2002) and presented a new scheme different from those methods (Liu * et al*., 2003; Staddon *et al*., 2002). In the scheme (Blundo *et al*., 2004), a user can recover all the lost legal session keys simply by using the current broadcast messages. Hong and Kang (2005) changed the redundant mode of session key. All the above schemes are based on Shamir’s secret sharing technique. Saez (2005a, b) adopted vector space secret sharing instead of Shamir’s secret sharing to realize the self-healing key distribution (Saez, 2005a) and sponsorization (Saez, 2005b). More *et al*. (2003) proposed a sliding-window self-healing key distribution scheme. Zou and Dai (2006) adopted a new revocation polynomial to make illegal users get wrong random values. Dutta and Mukhopadhyay (2007a, b) and Dutta *et al*. (2007b, 2008) did not divide session keys into two polynomials but concealed the session keys directly. Jiang *et al*. (2007) proposed a concept of dual directional hash chain. Other schemes (Dutta *et al*., 2007a; Shi *et al*., 2007) were also based on hash chain, which could reduce the communication cost and storage cost. However, these schemes (Dutta *et al*., 2007a; Jiang *et al*., 2007; Shi *et al*., 2007) can not resist collusion between revoked users and newly joined users. In order to overcome this drawback, Tian *et al*. (2008) proposed a scheme based on vector space secret sharing and one-way hash chains. However, the scheme was invalid for resisting collusion of newly joined users and revoked users whose lifetimes did not expire. In this study, we devote to totally solve the collusion in self-healing key distribution schemes based on hash function.

**PRELIMINARIES**

The notations used in the study are defined below:

U | : | Set of all users in the networks |

u_{i} | : | i-th user |

GM | : | Group manager |

n | : | Total number of users in networks |

m | : | Total number of session |

t | : | The maximum number of compromised users |

F_{q} | : | A field of order q |

S_{i} | : | Personal secret of user u_{i} |

B_{j} | : | Broadcast message by the GM in session j |

K_{j} | : | Session key generated by the GM in session j |

FS | : | Forward key seed generated by the GM |

BS | : | Backward key seed generated by the GM |

FK_{j} | : | i-th forward key in the forward key chain |

BK_{j} | : | i-th backward key in the backward key chain |

R | : | Set of all revoked users |

R_{j} | : | Set of revoked users in session j |

J_{j} | : | Set of joined users in session j |

A Dual Directional Hash Chain (DDHC) consists of two one-way hash chains with equal length, a Forward Hash Chain (FHC) and a Backward Hash Chain (BHC). First, GM generates two random key seeds, FS and BS, from finite field F_{q}. Then GM repeatedly applies the same one-way function H on each key seed to produce two hash chains of equal length m. So, the DDHC is denoted by {H(FS),…, H^{i}(FS),…, H^{m}(FS)} and {H(BS),…, H^{i}(BS),…, H^{m}(BS)} (Jiang *et al*., 2007).

We state the following definitions (Dutta *et al*., 2007a; Tian *et al*., 2008) that are aimed to computational security for session key distribution, according to the security model in scheme (Liu *et al*., 2003).

**Definition 1:** Let t,i ∈ {1,…,n} and j ∈ {1,…,m}

• | D is a session key distribution with privacy if. |

• | For any user u_{i}, the session K_{j} is determined by B_{j} and S_{i}. |

• | It is infeasible to compute session key K_{j} only from {B_{1},…, B_{m}} or {S_{1},.., S_{n}}. |

• | D has t-revocation capability if any user u_{i}εR, where |R|≤ t, can’t recover K_{j} from B_{j} and S_{i}. |

• | D is self-healing if any user u_{i} ∉ R who exists from session j_{1 }to session j_{2 }can recover K_{j}, where 1≤ j_{1}<j<j_{2}≤ m. |

**Definition 2:** D guarantees t-wise forward secrecy and backward secrecy if:

• | For any set R of users revoked before session j, where |R|≤ t, it is infeasible for the members in R together to get any information about K_{j}, even with the knowledge of keys K_{1},…, K_{j-1} before session j. |

• | For the set J of new users joined after session j, where |J|≤ t, it is infeasible for the members in J together to get any information about K_{j}, even with the knowledge of keys K_{j+1},…, K_{m} after session j. |

**Definition 3:** D resist collusion if for disjoint set B and C, where B ⊂R_{v} ∪ … ∪ R_{1}, C ⊂J_{s} ∪ … ∪ J_{m }and |B ∪ C|≤ t, it is infeasible for collusion B ∪ C to get any information about K_{j}, where v<j<s.

To sum up, definition 1 defines a self-healing key distribution scheme with revocation capability. Definition 2 defines both forward secrecy and backward secrecy. Definition 3 defines resisting collusion property.

**PROPOSED SCHEME**

The lifetime of group communication is divided into m sessions, where a session is a fixed interval of time. The scheme considers all of operations taking place in a finite field F_{q}, where q is a large prime number (q>m). The scheme never allows the revoked users to rejoin the group in later sessions. Let H: F_{q} → F_{q} be a cryptographically secure one-way hash function.

The self-healing key distribution scheme consists of five procedures, i.e., setup, broadcast, key recovery, adding new members and self-healing, which are defined as follows:

**Setup:** GM randomly picks two initial key seeds, FS and BS, from F_{q}. In the pre-processing time, it repeatedly applies the one-way function H on FS and BS to produce DDHC of equal length m. For 1≤ j≤ m, the j-th session key is computed by:

K _{j} = (H(FS)^{j}+H(BS)^{m-j+1})c_{j} |

where c_{j} is a random number corresponding to session j.

For m sessions, GM chooses, independently and uniformly at random, m t-degree(t<m,n) polynomials h_{1}(x),h_{2}(x),…, h_{m}(x) ∈ F_{q}[x] and generates m random numbers r_{1},r_{2},…,r_{m} ∈ F_{q}, respectively corresponding to h_{1}(x),h_{2}(x),…, h_{m}(x).

For 1≤ i≤ m, each user u_{i} whose lifetime is from session *l* to session v receives the private secrets corresponding to his legal sessions. The private secrets include set S_{i} = {h* _{l}*(u

_{i}),h

_{l+1}(u

_{i}),…, h

_{v}(u

_{i})}, set r ={r

*,r*

_{l}_{l+1},…,r

_{v}}, forward key seed SFK

_{i}=H(FS)

^{l}and backward key seed SBK

_{i}=H(BS)

^{m-v+1}. GM and u

_{i}communicate through secure channel.

**Broadcast:** Let R_{j} be the set of all users revoked in and before sessions j, where |R_{j}|=z_{j}<t. In the j-th session GM firstly produces random number c_{j} in the finite field F_{q}. Secondly, GM produces the revocation polynomial A_{j}(x)= ∏ ^{zj}_{i=1}(x-u_{i}), where u_{i} ∈ R_{j} and the broadcast polynomial W_{j}(x)=A_{j}(x)c_{j}+h_{j}(x), where the polynomial h_{j}(x) plays the role of masking polynomial. Thirdly, GM produces the set C_{j} = {c_{j}r_{1}(c_{1}+c_{2}), c_{j}r_{2}(c_{2}+c_{3}), …, c_{j}r_{j-2}(c_{j-2}+c_{j-1}), c_{j}r_{j-1}c_{j-1}}. Finally, GM broadcasts the message B_{j} = {W_{j}(x),C_{j},_{,}R_{j}}.

**Key recovery:** When a non-revoked user u_{i} receives the j-th broadcast message B_{j}, u_{i} firstly evaluates A_{j}(u_{i}) and subsequently recovers c_{j} = (W_{j}(u_{i})-h_{j}(u_{i}))/A_{j}(u_{i}). Secondly, u_{i} computes the j-th forward key Fk_{j} = H(SFK_{i})^{j-l} and backward key BK_{j}=H(SBS)^{v-j}. Finally, u_{i} computes the j-th session key K_{j}=(FK_{j}+BK_{j})c_{j}.

**Adding group member:** When a new user u_{i} expects to join the group and to be active from session *l* to session v, u_{i} must get in touch with GM. The GM computes u_{i}’s private secrets, i.e., set S_{i} = {h* _{l}*(u

_{i}), h

_{l+1}(u

_{i}),…, h

_{v}(u

_{i})}, SFK

_{i}= H(FS)

^{1}and SBK

_{i}= H(BS)

^{m-v+1}. Finally, the GM sends {S

_{i},r = {r

*,r*

_{l}_{l+1},…,r

_{v}}, SFK

_{i}, SBK

_{i}} to u

_{i }via secure channel between GM and u

_{i}.

**Self-healing: **Suppose user u_{i }whose lifetime is from session *l* to session v receives broadcast message B_{j1} in session j_{1}, but not message B_{j} for session j, where 1≤ *l*<j<j_{1}≤ v≤ m user u_{i} can recovers the lost session key K_{j }as follows:

Firstly, u_{i }repeatedly applies the one-way function H on each of his two key seeds, SFK_{i} and SBK_{i }obtained in joining process, until u_{i }gets the forward key Fk_{j} = H(SFK_{i})^{j-l} and the backward key Bk_{j} = H(SBK_{i})^{v-j }for session j.

Secondly, for broadcast message B_{j1 }={W_{j1}(x),C_{j1},R_{j1}}, user u_{i }computes c_{j1 }from W_{j1}(u_{i}) by his private secret h_{j1}(u_{i}). By dividing each item of set C_{j1} by c_{j1}, user u_{i} obtains a new set C_{j1}’ ={r_{1}(c_{1}+c_{2}),r_{2}(c_{2}+c_{3}),…, r_{j1-2}(c_{j1-2}+c_{j1-1}), r_{j1-1}c_{j1-1}}.

Thirdly, user u_{i} has a private secret set r’ = {r* _{l}*,…,r

_{j}, r

_{j+1},…, r

_{j1-1},…, r

_{v}}. Therefore, By using the private secret set r’= = {r

_{j}, r

_{j+1},…, r

_{j1-1}}, where r’= ⊂r’, user u

_{i}can compute c

_{j}as follows:

• | Dividing respectively each item of set C_{j1}’= = {r_{j}(c_{j}+c_{j+1}),…, r_{j1-2}(c_{j1-2}+c_{j1-1}), r_{j1-1}c_{j1-1}} by corresponding item of set r’=, where set C_{j1}’= is a subset composed of the latter j1-j items in C_{j1}’, u_{i} will work out the final set C_{j1}’== = {c_{j}+c_{j+1},…,c_{j1-3}+c_{j1-2}, c_{j1-2}+c_{j1-1}, c_{j1-1}}. |

• | u_{i} can work out c_{j} by a serial of subtraction operations in reverse order as follows: u_{i} can get c_{j1-2} by the subtraction operation of the last two items, i.e., (c_{j1-2}+c_{j1-1})-c_{j1-1}. Therefore, the resultant c_{j1-2} can be used to work with c_{j1-3}+c_{j1-2} to get c_{j1-3} and so on. By this means, u_{i} finally works c_{j} out. |

Finally, K_{j}=(FK_{j}+BK_{j})c_{j}.

**SECURITY ANALYSIS**

Present study shows that proposed scheme realizes a self-healing key distribution with revocation capability and resisting collusion property. Now, we will prove that our scheme satisfies all the conditions required by definition 1, 2 and 3.

**Theorem 1:** The scheme is secure, self-healing key distribution scheme with t-revocation capability with respect to definition 1.

**Proof 1:** The scheme is a session key distribution with privacy.

• | The process of computing session key K_{j} by a non-revoked user u_{i} via broadcast message B_{j} and his private secrets is described in the third step of proposed scheme. |

• | The session key K_{j} for session j is computed from three parts: forward key FK_{j}, backward key BK_{j} and random number c_{j}. A user who does not join the group does not compute the session key K_{j} due to lacking the information about FK_{j }and BK_{j}, even if the user has already gathered all broadcast messages. Similarly, because random number c_{j }has been concealed in broadcast messages, users holding all private secrets still can not compute K_{j }before computing c_{j} from broadcast messages. Therefore, it is infeasible to determine session key only from broadcast messages or personal private secrets. |

**Proof 2:** The scheme has t-revocation capability.

Let R = R_{j} ∪ … ∪ R_{1} (|R|<t) be the set of revoked users in and before session j. For user u_{i} ∈ R, because the revocation polynomial A_{j}(u_{i}) is always zero, user u_{i} can not compute c_{j } from broadcast polynomial W_{j}(u_{i}). Therefore, coalition R must attack the masking polynomial h_{j}(x) to get c_{j}. For the size of the coalition R is t at most, the colluding users only have at most t points on the masking polynomial h_{j}(x). But the degree of the polynomial h_{j}(x) is t. Hence coalition R can not recover h_{j}(x). Because there is no information of c_{j}, it is infeasible for the coalition R to compute session key K_{j}.

**Proof 3:** The scheme has self-healing capability, as is described in the fifth step of proposed scheme.

**Theorem 2:** The scheme achieves t-wise forward security and backward security with respect to definition 2.

**Proof 1:** Let R=R_{j} ∪ … ∪ R_{1} (|R|<t) be a coalition of revoked users colluding in and before session j. In order to attack t-degree polynomial h_{j}(x), coalition R needs at last t+1 points on h_{j}(x). But the size of coalition R is t at most. Hence coalition R can not recover h_{j}(x). Furthermore, because of the one-way property of BHC, it is computationally infeasible to compute Bk_{v }= H(BS)^{m-v+1} from Bk_{j }= H(BS)^{m-j+1} for j<v. Therefore, the scheme guarantees the t-wise forward security.

**Proof 2:** Let J = J_{j} ∪ … ∪ J_{m} (|J|<t) be a coalition of joined users colluding from session j. For session key K_{j1}, where j_{1}<j, coalition J requires at least t+1 points on polynomial h_{j1}(x) to attack t-degree polynomial h_{j}(x). However, the size of coalition J is t at most. Hence coalition J can not recover h_{j}(x). Furthermore, because of the one-way property of FHC, it is computationally infeasible to compute Fk_{j1} = H(FS)^{j1} from Fk_{j} = H(FS)^{j}. Therefore, the scheme guarantees the t-wise backward security.

**Theorem 3:** The scheme resists collusion of revoked users and newly joined users with respect to definition 3.

**Proof:** Let B ⊂R_{v} ∪ … ∪ R_{1} be a set of users revoked from group before session v and let D ⊂J_{s} ∪ … ∪ J_{m }be a set of users who joined the group from session s, where v<s. Set B and set D are disjointed. Set L ⊂B ∪ D, where |B ∪ D|<t, is a coalition of users colluding to attempt to get the session key K_{j} for session j, where v<j<s. the coalition L can easily compute forward key FK_{j }and backward key BK_{j} for session j via the property of DDHC. Therefore, it is necessary for coalition L to get c_{j}. Because the size of coalition L is t at most, the coalition L can not have at least t+1 point on t-degree masking polynomial h_{j}(x). Therefore, it is infeasible for the coalition L to get c_{j} by attacking masking polynomial h_{j}(x). Furthermore, in order to get c_{j}, the coalition L can resort to working on i-th broadcast set C_{i} for session i, where i>j. However, without the knowledge of private secret set {r_{v+1}, r_{v+2},…, r_{j},…, r_{s-1}} for session r_{v+1}, r_{v+2},…, r_{j},…, r_{s-1}, the coalition L can not get c_{j} from i-th broadcast set C_{i}. Therefore, it is infeasible for the coalition L to compute the session key K_{j} without the knowledge of random number c_{j} for session j. As a result, the scheme resists the collusion of revoked users and newly joined users.

**PERFORMANCE ANALYSIS**

In order to evaluate the performance of the proposed method, we will compare the communication complexity and storage cost between our scheme and the previous self-healing session key distribution schemes.

At the j-th session, the broadcast message B_{j} consists of t-degree broadcast polynomial W_{j}(x), set C_{j} and revocation set R_{j}. The size of set C_{j} is j-1. The communication cost for the broadcast of revocation set R_{j }can be ignored because the identity of users can be selected from a small finite field (Hong and Kang, 2005). Therefore, the communication cost of our scheme is O((t+j)logq) for session j.

In the process of joining group, user u_{i} who is legal from session j to session v obtains his private secrets, i.e., set S_{i}, set r, forward key seed SFK_{i} and backward key seed SBK_{i}. The size of set S_{i } and the size of set r are both *l*-v+1. Therefore, the storage cost of user u_{i} is a constant, O((2*l*-2v+4))logq),corresponding to his lifetime from session l to session v.

We compare the communication complexity and storage cost of our scheme with the previous schemes not based on one-way hash chain. The results are listed in Table 1. The schemes (Dutta and Mukhopadhyay, 2007a, b; Dutta *et al*., 2007b) do not have the capability of resisting collusion.

Table 1: | Comparison between our scheme and previous schemes not based on one-way hash chain |

Table 2: | Comparison between our scheme and previous schemes based on one-way hash chain |

The communication complexity of our scheme is O((t+j)logq) while those of the other schemes are more than or equal to O((t+j+1)logq). Furthermore, the storage cost of a user in our scheme is (2*l*-2v+4))logq which corresponds to his lifetime. Although the two schemes (Zou and Dai, 2006; Dutta *et al*., 2007b) are more efficient than ours in terms of storage cost, proposed scheme is more efficient than theirs in terms of the communication complexity. According to the comparison results in Table 1, we conclude that our scheme is more efficient than the previous schemes not based on one-way hash chain.

We compare the communication complexity and storage cost of our scheme with previous schemes based on one-way hash chain. The results are shown in Table 2. Although the two schemes (Jiang *et al*., 2007; Shi *et al*., 2007) are better than our scheme in term of communication complexity and storage cost, the users in the schemes (Jiang *et al*., 2007; Shi *et al*., 2007) can not be revoked by GM and will exit only with their lifetimes expiring. Furthermore, these two schemes can not resist the collusion of newly users and detached users. Although the scheme (Dutta *et al*., 2007a) has the revocation capability, it can not resist the collusion of newly joined users and revoked users. The scheme (Tian *et al*., 2008) can resist the collusion of newly joined users and revoked users whose lifetimes have expired. However, the scheme (Tian *et al*., 2008) can not resist the collusion of newly joined user and revoked users whose lifetimes do not expire. From the comparison in Table 2, although the communication cost and storage cost of proposed scheme are slightly increased, only our scheme can resist collusion of newly joined user and revoked users no matter whether their lifetimes expire or not.

**CONCLUSION**

In this study, an anti-collusive self-healing group key distribution scheme with revocation is proposed. A user is provided with a set of legal private secrets according to his lifetime. Forward key and backward key are built on DDHC. The communication cost of the proposed scheme is more efficient than those of the previous schemes not based on one-way hash chain, while the communication cost is slightly increased compared with those of the previous schemes based on one-way hash chain. By adopting random number set r corresponding to sessions, our scheme overcomes the vital drawback in previous schemes based on one-way hash chains. In a word, our scheme can resist the collusion of revoked users and newly joined users. The proposed scheme is secure and will find more applications in unreliable wireless network.

**ACKNOWLEDGMENTS**

This study is supported by National High Technology Research and Development Program of China under Grant No. 2007AA01Z446 and National Natural Science Foundation of China under Grant No. 60703014. The authors also gratefully acknowledge the helpful comments and suggestions of the reviewers and editors, which have improved the presentation.

####
**REFERENCES**

- Blundo, C., P. D'Arco, A. de Santis and M. Listo, 2004. Design of self-healing key distribution schemes. Des. Codes Cryptogr., 32: 15-44.

CrossRefDirect Link - Dutta, R., E.C. Chang and S. Mukhopadhyay, 2007. Efficient self-healing key distribution with revocation for wireless sensor networks using one way key chains. Proceedings of the 5th International Conference on Applied Cryptography and Network Security, Zhuhai, China, LNCS 4521, June 5-8, 2007, Springer, Berlin/Heidelberg, pp: 385-400.

CrossRefDirect Link - Dutta, R. and S. Mukhopadhyay, 2007. Designing scalable self-healing key distribution schemes with revocation capability. Proceedings of the 5th International Symposium on Parallel and Distributed Processing and Applications, Niagara Falls, Canada, August 29-31, 2007, Springer, Berlin/Heidelberg, pp: 419-430.

CrossRefDirect Link - Dutta, R. and S. Mukhopadhyay, 2007. Improved self-healing key distribution with revocation in wireless sensor network. Proceedings of the Wireless Communications and Networking Conference, March 11-15, 2007, Kowloon, China, pp: 2963-2968.

CrossRefDirect Link - Dutta, R., S. Mukhopadhyay and S. Ennanuel, 2008. Low band with self-healing key distribution for broadcast encryption. Proceedings of the 2nd Asia International Conference on Modeling and Simulation, May 13-15, 2008, IEEE CS Press, pp: 867-872.

CrossRefDirect Link - Dutta, R., Y.D. Wu and S. Mukhopadhyay, 2007. Constant storage self-healing key distribution with revocation in wireless sensor network. Proceedings of the International Conference on Communications, Glasgow, June 24-28, 2007, IEEE Press, Scotland, UK., pp: 1323-1328.

CrossRefDirect Link - Hong, D. and J.S. Kang, 2005. An efficient key distribution scheme with self-healing property. IEEE Commun. Lett., 9, 8: 759-761.

CrossRefDirect Link - Jiang, Y.X., C. Lin, M.H. Shi and X.M. Shen, 2007. Self-healing group key distribution with time-limited node revocation for wireless sensor networks. Ad Hoc Netw., 5,1: 14-23.

CrossRefDirect Link - Liu, D.G., P. Ning and K. Sun, 2003. Efficient self-healing group key distribution with revocation capability. Proceedings of the 10th ACM Conference on Computer and Communications Security, October 27-31, 2003, ACM Press, Washington, DC. USA., pp: 231-240.

CrossRefDirect Link - More, S.M., M. Malkin, J. Staddon and D. Balfanz, 2003. Sliding-window self-healing key distribution. Proceedings of the ACM Workshop on Survivable and Self-Regenerative Systems (In Association with 10th ACM Conference on Computer Communications Security), Fairfax, October 31, 2003, ACM Press, VA., United States, pp: 82-90.

CrossRefDirect Link - Saez, G., 2005. On threshold self-healing key distribution schemes. Proceedings of the 10th IMA International Conference on Cryptography and Coding, December 19-21, 2005, Springer Verlag, Cirencester, UK., pp: 340-354.

CrossRefDirect Link - Saez, G., 2005. Self-healing key distribution schemes with sponsorization. Proceedings of the 9th IFIP TC-6 TC-11International Conference on Communications and Multimedia Security, Salzburg, Austria, September 19-21, 2005 Springer Verlag, pp: 22-31.

CrossRefDirect Link - Shi, M.H., X.M. Shen, Y.X. Jiang and C. Lin, 2007. Self-healing group-wise key distribution schemes with time-limited node revocation for wireless sensor networks. IEEE Wirel. Commun., 14,5: 38-46.

CrossRefDirect Link - Tian, B., S. Han, T.S. Dillon and S. Das, 2008. A self-healing key distribution scheme based on vector space sharing and one way hash chains. Proceedings of the International Symposium on a World of Wireless, Mobile and Multimedia Networks, June 23-26, 2008, IEEE CS Press, USA., pp: 1-6.

CrossRefDirect Link - Zou, X.K. and Y.S. Dai, 2006. A robust and stateless self-healing group key management scheme. Proceedings of the International Conference on Communication Technology, Guilin, China, November 27-30, 2006, IEEE Press, pp: 1-4.

CrossRefDirect Link