Novel secret sharing scheme based on key transfer protocols in a wireless sensor network environment

Wireless sensor network (WSN) application is an emerging industry in the field of computer technology. WSN applications play a commercial role in different domains, such as military surveillance targeting, area monitoring, health care monitoring, environmental sensing, and data center monitoring. However, these applications face various problems, such as the lack of security protocols within devices as well as data transmission and communication issues between sensors. For this reason, security is currently the focus of many works, and constructing powerful security protocols is very challenging. Researchers currently focus on user confidentiality in WSN environments and analyze problems using various approaches, claiming data security is the most salient concern for unauthorized entities. A WSN is a superior type of communication network because it shares data in special manners during the deployment of sensor nodes. Certain characteristics are unique to it. The secret sharing scheme is one of the most innovative and powerful schemes in the modern era of the cryptographic world and consists of two basic parts, namely, distribution and reconstruction. Informally, a secret sharing scheme relies on a unique player called the dealer, which contains the smallest size of every participant's shared secret information. This is a very significant aspect when the secret is distributed, and a small share size is needed for energy-constrained WSNs under the comprehensive security application. Therefore, we presented a theoretically secure, novel secret sharing scheme (SSS) for WSN for


Introduction
In this modern era, wireless sensor network (WSN) applications play a vital role in different domains, such as information technology, electronics, healthcare, and hazardous environments. These applications aim to obtain information from different fields. In these applications, data security is the most salient concern for unauthorized entities. A huge amount of graphic data, such as images and videos, could be composed of sensor nodes (Liu et al., 2018). These data are mostly authorized by the approachability of sensors that are too small, inexpensive, and with limited memory storage and computational power, but they also perform very intelligently (Pottie and Kaiser, 2000; He et al., 2016). In general, collected data from the sensor nodes could be transferred and combined from the gateway node occasionally. However, if users intend to access the total amount of data from the sensor gateway node, then they must be authenticated first to the gateway node. Users need to access the data from the nodes directly in certain applications, such as healthcare observing and battlefield surveillance. Data is the most important factor in sensor nodes, and sensors are highly sensitive and discreet. Therefore, an authentication policy between a user and a sensor is necessary. To date, many authentication schemes have been proposed (Das, 2009; He et al., 2010; 2015a; Khan and Alghathbar, 2010; Sun et al., 2013; Watro et al., 2004; Xue et al., 2013; Yeh et al., 2011) in this scenario. Moreover, the gateway must be authenticated, and the user must be classified as real or fake. In the case of a real user, a common session key shall be created between the user and sensor node with the support of the gateway sensor node. After this scenario, the session key will be used for the protection and integrity of the required data (Shen et al., 2017a). Introducing cryptographic schemes over WSNs at different secure applications is a highly challenging condition for researchers and scientists.
Moreover, wired networks have very high bandwidth capacity and working power. Hence, WSNs are unique technology with unique features (Wood and Stankovic, 2002). WSNs have very important features, such as group key management, ensured confidentiality, robustness in contradiction of communication, denial of service attack, and verification. Moreover, these applications may contain authentication in group-based management, intrusion, and detection as well as security against traffic flow examination. Encryption and decryption techniques are commonly used for protecting group-based communication. The keys must be handled in a secure way when they are undergoing updating, creating, analyzing, and distribution to ensure the security of group-based communication. Moreover, the key establishment protocol prior to altering secret data is to share the keys across all within-group participants in a very secure way. The main key establishment protocols used are key transfer and key agreement protocols. Key transfer protocol (KTP) depends on the key generation center (KGC), which chooses the group key for communication among group members by distributing one or more keys during registration. With respect to the key agreement protocol, the common group key is resolved by interchanging the public keys of two communication parties in the presence of communication entities. Authenticated group communication (AGC) is the process in which members of a group can communicate in a very secret manner, and the group information is not accessible to any person outside the group. In this situation, a group key is created for the participating group members. Such a key could be used to encrypt all the messages intended for the group.
Secret sharing has been used for creating "group key distribution protocols" in recent years. Two main types of "group key distribution protocols" are considered in this study. We assume one trusted offline server that can be active only at initialization (Sáez, 2003); an active server always active sees details (Laih et al., 1989). The first type of protocol is called the key pre-distribution scheme, wherein a trusted server, that is, KGC, creates and distributes small pieces of information to all the trustee's offline users. When starting group communication, each legal group member can compute the secret key of the group, whereas illegal members cannot access the key. A substantial disadvantage in this approach is that each user involved in communication must store substantial secret information. In the second type of approach, an online server must be active and can distribute group keys to every member of the group. Secret sharing is used for different protocols of WSNs, including group key management, and data confidentiality is required (Harn and Lin, 2010; Lee et al., 2011; Di Pietro and Guarino, 2013). Authenticated group key transfer protocol (AGKTP) introduced in Harn and Lin (2010) requires an online key generation center for constructing and distributing a group-based key. These keys raise the overhead to construct the system while decreasing the system's flexibility. A method for replicating the keying scheme is explored in Lee et al. (2011), and this method is more active without a trusted server called KGC. In this regard, a group key created is between the trusted members and all the group members for the final key derivate. However, both schemes (Harn and Lin, 2010; Lee et al., 2011) cover coupling-based computations, which cannot deliver the cipher group for universally attached to WSN devices. Similarly, these schemes have security weaknesses as verified in Yuan et al. (2013); these weaknesses include doubt of chasing the random values for every member in group and doubt on man in the middle attacks.
This article is organized as follows. Section 2 features related works regarding the proposed scheme, Section 3 covers security challenges for WSNs, and Section 4 reviews different types of attacks on WSNs. Sections 5, 6, and 7 present the proposed schemes, discussions, and conclusions of the article.

Related work
In the case of the security features under the aforementioned applications, many secure protocols have been proposed (Shen et al., 2017b; He et al., 2015b; Jiang et al., 2017). Researchers currently focus on user's confidentiality in WSNs environments. Different researchers analyze problems using various approaches, claiming security in their proposed protocols. We studied the following proposed protocols. Shamir (1979) proposed a very basic scheme on how to divide secret information = 1 , 2 , 3 , . . . . participants and presented a concept for reconstruction of shares. Their scheme is suitable for key management in cryptographic devices. Kurihara et al. (2008) proposed a new scheme based on ( , ) threshold scheme. This scheme gives the concept of high performance. The researchers used the basic concepts of EXCLUSIVE-OR functions to recover the secret information. Omote and Thao (2015) proposed the concept of a secret sharing scheme (SSS), which is based on Slepian-Wolf coding. They tried to obtain an optimum size of shares as well as renew the shares without identifying the secret. Koga and Honjo (2014) examined an SSS that is based on shortened Reed-Solomon code. They divided secret information 1 , 2 , 3 , . . . . . in between the shares of participants 1 , 2 , 3 , . . . . to satisfy certain − + system of linear equation. Hsu et al. (2016) designed a protocol based on linear SSS, an assumption of factoring problem. This scheme is suitable for special WSN applications, such as key transfer protocols. Hsu et al. (2014a) constructed a key transfer protocol based on SSS for big data problems. This protocol works without an online position of KGC. The researchers used a DH key agreement via key encryption and decryption. Hsu et al. (2014b) proposed an authenticated protocol, which is based on LSSS as well as the ElGamal cryptosystem. KGC can send secret key information to each participant member.
The researchers claimed that transferred keys within the protocol must be secured. Sun et al. (2012) used an enhanced SSS that does not use the Lagrange interpolation polynomial. They proposed a scheme based on mutual authentication for a surety, wherein participants within the group could achieve only the accurate session key. Moreover, all members could store only a unique secret key for each session during the communication flow. Changes in any group member will not affect existing shares. Jaiswal and Tripathi (2017) introduced a novel based group key transfer protocol by implementing elliptic curve cryptography (ECC) as well as Shamir (1979) SSS. In this protocol, any group member could play the role of KGC without online condition. Harn et al. (2018) proposed a protocol, wherein they escaped the mutually trusted server KGC, and each user played an active role as a trusted user. During the initialization phase of registration, each user plays an active role as a KGC to give access to another user and provide sub shares to other members. Homomorphism SSS enabled each sub share of every member to be joint in a master share. Moreover, the master share could publish a pair-wised key in between the pair of members. Eschenauer and Gligor (2002) proposed key management schemes for design to gratify the operational and authentication requirements of WSNs. In their schemes, they chose the distribution and cancellation of keys to direct sensor nodes and node rekeying that are without computation and communication competencies. Their research approach was scalable and flexible, and adjustment could be built between sensor memory and connectivity. In the solution of the scheme, every sensor would be initialized within a ring key. Chan et al. (2003) proposed a protocol called "q-composite scheme," which features flexibility and random key scheme (RKS). RKS is a fundamental solution based on a couple of nodes that create a protected path when they distribute q-keys.
Moreover, they found a solution to node detection attacks because the adversary required intersection keys to break an authenticated link. This solution damages the system over a network regarding authenticated connectivity. Rasheed and Mahapatra (2011) proposed a couple of key pre-distribution scheme, which permits a mobile sink to create a secure data communication channel regarding sensor nodes. This scheme is basically based on the polynomial-based pool scheme. The security of this scheme indicates, with high probability and short communication cost, that a sensor node could create pairwise keys among the mobile sink. Ruj et al. (2013) designed a pairwise key scheme for WSN in the utilization of pre-distribution based on combinational design. The benefits of this scheme over pairwise keys are security and bandwidth necessities, which are eligible for stationary and mobile service networks. They applied a polynomial scheme for each of the three nodes in case of a unique key. Li and Xiong (2013) proposed an online and offline sign-cryption-based scheme, which permits a sensor node in identity-based cryptography to deliver a message to an Internet host regarding PKI. The scheme could reduce the computational cost for sensor nodes. The researchers claim that the scheme is suitable for WSNs and IoT solutions. Blom (1983) proposed an establishment scheme for pairwise keys grounded on threshold cryptography. Zhang et al. (2018) proposed a key exchange protocol based on ECC. This protocol is suitable for WSN applications. However, it consumes higher energy than computation resources. Khan et al. (2012) introduced a key establishment protocol for WSNs using a pre-distribution scheme with the help of a symmetric matrix regarding maximum rank distance. They divided sensor nodes into multiple groups, and they took part in information in each node of sensor to create link keys between all nodes. Wu et al. (2017) proposed an authenticated scheme, which will be secure in the formal model as regard security purposes. Watro et al. (2004) introduced a scheme based on the RSA algorithm in the sensor environment. Das (2009) proposed a two-factor authenticated scheme for WSNs. However, certain researchers (He et al., 2010; Khan and Alghathbar, 2010) found a weakness in the Das (2009) proposed protocol.

A brief introduction on different types of attacks on WSNs
Most WSN protocols are too simple and weak against different types of attacks, which work on ad hoc networks. Many threats in WSNs occur during communication over the networks. We discuss some of the attacks as follows:
1. Spoofed/altered attack: This type of attack targets the routing data exchanged between nodes. The attacker can create a routing ring that produces wrong information, such as large end-to-end inactivity, decreased source gateways, and network barrier.
2. Selective forwarding attack: In this type of attack, malicious nodes decline to forward specific information and simply drop it. A malicious node may forward nothing at all and behave like a black hole, in which case every message it receives is rejected. This type of attack is fast and efficient because the attacker sits in the data flow between different nodes.
3. Sinkhole: In this type of attack, the adversary establishes a sinkhole at the midpoint. The attacker tries to draw the data flow along a certain path through a compromised node with respect to particular routing algorithms. Compromised nodes also affect neighboring nodes. Many protocols try to examine the quality of end-to-end sessions, including the reliability of the messages.
4. Sybil attack: In this attack, one node presents multiple identities to other nodes over the network. It can meaningfully degrade the network and lead to its failure. This type of attack appears in different places at once.
5. Wormholes attack: In this kind of attack, an attacker that is part of the network can capture messages over a low-latency path and replay them in a different part of the network through a tunnel.
6. HELLO flood attack: This is a very serious type of attack on a sensor network. Here, an adversary persuades a node that it is a nearby neighbor and is able to transfer wrong information with a high-speed flow.
7. Spoofing attack: The objective of this attack is to convince the sender that a dead node is alive or a weak path is strong. An adversary can remove message flows against the dead nodes (Ali et al., 2019a; 2019b).

Security challenges for WSNs
A WSN is a superior type of communication network because it shares data in special manners during the deployment of sensor nodes. Certain characteristics are unique to it. Security for WSNs services can defend the data communications with the support of unique keys over the network, and attackers could mislead the nodes of data. Certain important security needs are listed under the following:
1. Data privacy: The security appliance could guarantee that no message within the network is analyzed by the attacker, except the participant. Two most important issues exist concerning privacy in WSNs. The sensor node could not permit its reading to be retrieved by its neighbors, unless they are authorized. The mechanism of key transfer should be robust. Public data suppose for sensor characteristics. Public keys for sensor nodes could be encrypted by actual conditions for the protection against attackers.
2. Availability: This ensures that the facilities of WSNs remain available. Attacks on availability are known as denial of service (DoS). Scientists and researchers propose different types of schemes.
3. Authentication: It allows required sources or close-fitting information to be authenticated by sensor nodes from base to head stations.
4. Authorization: As regards authorization, only legal nodes could negotiate a special activity.
5. Freshness: It defines whether the data is fresh and can provide a security layer over the network in regard to attack.
6. Integrity: No entity and message could be altered, and it tries to negotiate between sender and receiver.
Cryptographically secured schemes are mostly used to support the basic requirements of sensor networks. However, the sensor nodes are very constrained in computational and memory capabilities. The most popular traditional techniques of cryptography cannot simply be moved to WSNs without adapting them. Two basic kinds of keys, namely symmetric and asymmetric keys, are used in WSNs for security purposes.

Symmetric key
A symmetric key is also called secret-key cryptography. This key allows the use of a single key for encryption and decryption purposes. This key is used as a secret over a WSN, making it very hard to expose. This key is more efficient than the asymmetric key system. The process is not complicated when applying encryption and decryption methods, such as AES and 3DES. Fig. 1 shows the encryption and decryption processes in the symmetric key.

Fig. 1: Symmetric key process (source, encryption, channel, decryption, destination; K = key)

Asymmetric key
An asymmetric key is also called public-key cryptography. This technique uses two kinds of keys, that is, public and private, for the encryption and decryption of data over networks. In this technique, a private key cannot be compromised. In such a process, a message is encrypted with a public key and decrypted with the private key using the same kind of algorithm, as shown in Fig. 2.

Secret sharing scheme
SSS is one of the most innovative and powerful schemes in the modern era of the cryptographic world, as mentioned in the literature (Shamir, 1979; Blakley, 1979; Blum, 1983). In general, SSS consists of two basic parts, namely, distribution and reconstruction. Informally, a ( , ) SSS relies on a special player called a "dealer." A dealer must distribute the secret information among the participants, such as

Initialization process
In case dealer wants to select the different non zero integers from over ℤ , which indicates , from 1 ≤ ≤ . Here, these values can be accessed publicly.

Share distribution and reconstruction phases
1. Dealer desires to share the secret information ∈ ℤ . Dealer can choose the randomly − 1 integers for ℤ that can be signified as 2. Dealer can compute = ( ), only for 1 ≤ ≤ , hereunder 3. Here, the dealer can give participants their share .
Briefly, dealer can construct a random polynomial over degree − 1. However, the constant term for secret information is 0 = . Each participant can obtain points over ( , ) regarding the polynomial equation. Furthermore, we can now verify two dissimilar properties, that is, Participants in the group can construct anyone in the regard of polynomial ( )and can calculate the secret; any group for − 1 participants cannot recover it. Now, we will see how the participants can recover the polynomial ( ). Such action is fundamentally achieved in the sense of interpolation polynomial. Here, we assume that set = { 1 , 2 , 3 , . . . } from this set can reconstruct the secret. Participants in set are: This secret information is chosen by the dealer from the polynomial. Moreover, polynomial ( ) has a degree − 1 that can be written as, ( ) = 0 + 1 + 2 +. . . . . −1 −1 here, unknown coefficients 0 , 1 , 2 , . . . . and 0 = are secret information. Hence, every participant knows that = ( ) could achieve a system of the linear equation from the unknowns 0 , 1 , 2 , . . . . −1 . Group contains systems of a linear equation that are for discarding. Suppose that the equations are linearly independent. Hence, we will achieve a unique solution, and 0 will be discovered as the reform of the key. The following is obtained under linear equation construction: 0 + 1 1 + 2 1 2 +. . . . −1 1 −1 = 1 , 0 + 1 2 + 2 2 2 +. . . . −1 2 −1 = 2 , . . The coefficient matrix is called or a Vandermonde matrix. The well-known formula in the regard of a determinant of * is called Vandermonde matrix.
Here, the equation is unknown. We can only show secret information and the value of any secret information in . Suppose secret has 0 . Subsequently, the value of secret = 0 = (0), as we have already 0 = (0). As we know,

= (0)
This equation will produce a ℎ system of a linear equation. The system of linear equation organized by the preceding − 1 system of the linear equation can show the result in equations in between the unknown values. Moreover, the coefficient matrix becomes a Vandermonde matrix, which is a distinctive solution, as mentioned previously.
As for range1 ≤ ≤ − 1, like that, In this regard, no value of any secret could follow the rule by the group of − 1 participants members. Moreover, they could not achieve information about secret values.
This method also provides us with an alternative way to construct the polynomial for ( ), which is grounded on the Lagrange interpolation formula in regard to polynomials equations. In simple words, we say this explicit formula is for the distinctive polynomial ( ) degree, which most at − 1. This result happens when have different points at 1 = ( 1 ), 2 = ( 3 ), . . . = ( ): By substituting = , all terms will vanish without ℎ term, that is, .
Henceforth, any participant of group could compute the ( )by utilizing the interpolation formula. However, a particular group is interested in computing the = 0 , and we can simplify the group. However, in = 0 = (0) we substitute = 0 with the Lagrange interpolation formula and obtain the following: here, an explicit formula ends each secret value.

Access structures and general SSS
In the previous section, we obtained ( , ) construction on the basis of the subset practiced to achieve secret information. According to further normal condition, we could indicate subsets that could qualify and achieve accurate secret information.
Suppose Γ count be a subset of , Γ ⊆ 2 . However, Γ subsets indicate that participants can calculate the secret information. After this scenario, Γ can call an access structure. Γ subsets are called authorized subsets. If ⊆ , then we used to indicate set of different size shares against the participants/members in . Here, we explain the following formal definition of general access sharing schemes.
Properties 1: In the regard of SSS against the access structure, Γ is a technique of distributing secret information in between a set of members in a proper way where secret information cannot be compromised. Here, our scheme holds two kinds of properties as follows: 1. If ∈ Γ, then ( / ) = 0 2. If ∉ Γ, then ( / ) ≥ log , here, we set a fixed value > 1.
Based on the definition, any eligible subset could achieve the secret information. However, any noneligible subset could be a bit uncertain about the secret information. However, the secret can be guessed by the accurate value with the probability at least 2 − ( / ) . We can see a ( , ) threshold scheme, and it has an access structure Γ = { ⊆ ; | | ≥ }.
Definition 1: SSS in which = | | is called a perfect sharing scheme.
In a perfect sharing scheme, a non-eligible subset of members cannot achieve secret information. Moreover, an outsider could not achieve accurate information from group participants.
Definition 2: | | = | | If the condition is perfect, then it is called an ideal SSS.
An ideal SSS contains the smallest size of every participant shared secret information. It is a very significant aspect when they distribute the secret, and it would be a small size of the share as needed. Furthermore, we reveal certain properties of Γ structure. Assume that's is an eligible subset ( ∈ Γ), and we can add another member to the set of . The output of the added set must then be eligible. In this way, an access structure must contain the following properties.
If ∈ Γ and ⊆ ⊆ , then ∈ Γ. This kind of structure is called a monotone access structure. As such, we can explain the closure of an access structure Γ, which is also written as (Γ)={ ⊆ ; ⊆ , ∈ Γ}.
Readers could easily see that the access structure is monotone if Γ = (Γ).
Let Γ be an access structure, and we want to construct a perfect SSS in the regard of monotone access structure (Γ 0 ). The steps for initialization and share distribution are as follows:
These results prove that construction gives the perfect sharing scheme. We neglect formal proof and only provide a draft. In any eligible subset , ∈ Γ exists, such that ⊆ . In this scenario, members in can pool their shares together and achieve the secret information . In any non-eligible subset , no ∈ Γ could exist. Suppose that ⊆ . Threshold schemes are very independent, which is enough to ruminate a scheme. However, subset is not eligible in any of threshold schemes. could not achieve information about the secret key in any threshold scheme.
The noticeable disadvantage of our construction is that the size of the share will be too large. In SSS, we need to give shares to the participants as small as possible during the distribution phase. If the share size is a bit large, then the adversary could attack shares and obtain secret data. Alternatively, the ideal SSS can be explored. However, this option is only viable for numerous access structures to demonstrate that they could not be comprehended by an ideal SSS.
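The share distribution and Lagrange reconstruction phases of the threshold scheme, and the general access-structure construction whose share-size cost is noted above, as an added Python example that is not the authors' code. The prime modulus, the names `t`, `xs` and `p`, the node labels, and the choice of one (|A|, |A|) threshold scheme per minimal authorized set A are assumptions, because the page's own notation and construction steps did not survive.

```python
import secrets
from itertools import product

P = 2**127 - 1  # assumed prime modulus; any prime larger than the secret works


def split(secret, t, xs, p=P):
    """Dealer: hide `secret` as f(0) of a random degree-(t-1) polynomial over Z_p
    and hand out the points (x, f(x)) for the public, distinct, non-zero xs."""
    if not 0 <= secret < p:
        raise ValueError("secret must lie in Z_p")
    if len({x % p for x in xs}) != len(xs) or any(x % p == 0 for x in xs):
        raise ValueError("public points must be distinct and non-zero mod p")
    if not 1 <= t <= len(xs):
        raise ValueError("threshold must satisfy 1 <= t <= n")
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(t - 1)]
    shares = {}
    for x in xs:
        y = 0
        for a in reversed(coeffs):  # Horner evaluation of f(x) mod p
            y = (y * x + a) % p
        shares[x] = y
    return shares


def reconstruct(shares, p=P):
    """Lagrange interpolation evaluated at x = 0, which yields f(0) = secret
    when at least t correct shares are supplied."""
    secret = 0
    for xi, yi in shares.items():
        num = den = 1
        for xj in shares:
            if xj != xi:
                num = num * (-xj) % p
                den = den * (xi - xj) % p
        secret = (secret + yi * num * pow(den, -1, p)) % p
    return secret


def candidate_secrets(shares, t, p):
    """For a tiny p, enumerate every polynomial of degree < t and count, per
    candidate secret, how many of them pass through the given shares."""
    counts = dict.fromkeys(range(p), 0)
    for coeffs in product(range(p), repeat=t):
        if all(sum(a * pow(x, i, p) for i, a in enumerate(coeffs)) % p == y
               for x, y in shares.items()):
            counts[coeffs[0]] += 1
    return counts


def split_access(secret, minimal_sets, p=P):
    """General access structure: run one independent (|A|, |A|) threshold scheme
    for every minimal authorized set A. Returns {member: {set_index: (x, y)}}."""
    held = {}
    for k, group in enumerate(minimal_sets):
        members = sorted(group)
        xs = list(range(1, len(members) + 1))
        sub = split(secret, len(members), xs, p)
        for member, x in zip(members, xs):
            held.setdefault(member, {})[k] = (x, sub[x])
    return held


def reconstruct_access(pooled, minimal_sets, p=P):
    """Recover the secret if the pooled members cover some minimal authorized
    set (the monotone closure); otherwise return None."""
    for k, group in enumerate(minimal_sets):
        if set(group) <= set(pooled):
            return reconstruct(dict(pooled[m][k] for m in group), p)
    return None


if __name__ == "__main__":
    # Constructed sample: 5 sensor nodes, any 3 recover the group key.
    group_key = secrets.randbelow(P)
    shares = split(group_key, 3, [1, 2, 3, 4, 5])
    print(reconstruct({x: shares[x] for x in (2, 4, 5)}) == group_key)
    # With t-1 shares every candidate secret stays equally possible (p = 11).
    small = split(7, 3, [1, 2, 3, 4], p=11)
    print(candidate_secrets({1: small[1], 2: small[2]}, 3, 11))
```

A node that belongs to several minimal authorized sets holds one sub-share per set, which is the share-size growth the paragraph above describes.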

Discussions
This section summarizes our proposed research work. The improvement against WSNs' security and SSS has been proposed consequently. We proposed a novel-based SSS. These schemes are very powerful during the implementation of any secure system. We performed substantial research on WSNs' security, especially in key transfer protocols. The majority of previous articles proposed different types of schemes in WSNs, but limited research has been proposed accordingly. We proposed SSS, access structure, and general SSS in a deep manner. Both schemes are very useful. Future researchers could implement these schemes in key transfer protocols in WSNs. These schemes give the new research directions in the field of sensor nodes and a key authentication between the groups of sensor nodes. Sensory data are very important during the deployment of the sensor's environment. Hence, the security of sensors nodes could be managed by using our proposed schemes.

Conclusion and future work
Security is the foremost concern for energy-constrained WSNs under the comprehensive security application. In the current age, security is the focus of many works, and constructing powerful security protocols is very challenging. Many researchers proposed several authenticated schemes to achieve privacy and verify nodes. Most methods focused on the security of proposed schemes with the sensor's protocols application. In this article, we proposed a novel-based SSS, which can be used to transfer protocols within the WSN applications. Moreover, this scheme is theoretically secured. The proposed schemes give the new concepts of designed protocols, especially in the WSNs environment. The share size of our scheme is a bit large. However, we plan to decrease the size of the share in the upcoming enhancement.