A promising solution for trust establishment in wireless sensor networks is the assignment of
cryptographic seeds (keys, secrets, etc.) to sensor nodes prior to network deployment, known as key
predistribution. In this article, we propose a canonical seed assignment model for key predistribution
characterizing seed assignment in terms of the probability distribution describing the number
of nodes receiving each seed and the algorithm for seed assignment. In addition, we present a
sampling framework for seed assignment algorithms in the canonical model. We propose a probabilistic
k-connectivity model for randomly deployed secure networks using spatial statistics and
geometric random graph theory.We analyze key predistribution schemes in the canonical model in
terms of network connectivity and resilience to node capture. The analytical results can be used to
determine the average or worst-case connectivity or resilience to node capture for a key predistribution
scheme. Furthermore, we demonstrate the design of new key predistribution schemes and
the inclusion of existing schemes in the canonical model. Finally, we present a general approach
to analyze the addition of nodes to an existing secure network and derive results for a well-known
scheme.