Abstract
The objective of concealed data aggregation is to preserve privacy at intermediate nodes while supporting in-network data aggregation. Privacy homomorphism satisfies both needs at once: it processes encrypted data at intermediate nodes without decrypting them. However, privacy homomorphism is inherently malleable. Although malicious adversaries cannot view transmitted sensor readings, they can manipulate them. Hence, it is a formidable challenge to realize conflicting requirements, such as end-to-end privacy and end-to-end integrity, while performing en route aggregation. In this paper, we propose a malleability resilient concealed data aggregation protocol that protects the network against active and passive adversaries, and against insider and outsider adversaries. The proposed protocol simultaneously realizes conflicting objectives such as privacy at intermediate nodes, end-to-end integrity, replay protection, and en route aggregation. To the best of our knowledge, the proposed solution is the first that achieves end-to-end security and en route aggregation of reverse multicast traffic in the presence of insider as well as outsider adversaries.
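The malleability described in the abstract, shown on a minimal additively homomorphic cipher (c = m + k mod M). This is an added illustration, not the paper's protocol or code; the scheme, the HMAC-based pad derivation, the keys, and the readings are all assumptions constructed for the example.

```python
import hashlib
import hmac

M = 2**32  # modulus; must exceed the largest possible sum of readings


def pad(node_key: bytes, epoch: int) -> int:
    """Per-node, per-epoch pad derived with HMAC-SHA256 (assumed derivation)."""
    digest = hmac.new(node_key, epoch.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") % M


def encrypt(reading: int, node_key: bytes, epoch: int) -> int:
    """Sensor node: conceal the reading by adding its pad modulo M."""
    return (reading + pad(node_key, epoch)) % M


def aggregate(ciphertexts) -> int:
    """Intermediate node: sums ciphertexts without holding any key."""
    total = 0
    for c in ciphertexts:
        total = (total + c) % M
    return total


def sink_decrypt(agg: int, node_keys, epoch: int) -> int:
    """Sink: removes the sum of all pads to recover the sum of readings."""
    pads = sum(pad(k, epoch) for k in node_keys) % M
    return (agg - pads) % M


def demo():
    # Constructed sample data: four nodes, one reading each.
    keys = [b"constructed-key-node-%d" % i for i in range(4)]
    readings = [21, 23, 22, 24]
    epoch = 7

    cts = [encrypt(r, k, epoch) for r, k in zip(readings, keys)]
    agg = aggregate(cts)
    honest = sink_decrypt(agg, keys, epoch)

    # Malleability: a keyless change to the aggregate shifts the decrypted
    # sum by the same amount, and decryption alone gives the sink no error.
    tampered = sink_decrypt((agg + 1000) % M, keys, epoch)
    return honest, tampered


if __name__ == "__main__":
    print(demo())
```

Both values decrypt cleanly, which is why concealment by itself cannot provide the end-to-end integrity the abstract calls for.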
Notes
For probabilistic cryptosystems, decryption must be performed before comparison.
Acknowledgments
This research was a part of the project “A Secure Data Aggregation System and An Intrusion Detection System for Wireless Sensor Networks”. It was supported by the Department of Electronics and Information Technology, Ministry of Communications and Information Technology, Government of India.
Additional information
A preliminary version of this paper has been accepted at the 20th EUNICE/IFIP WG 6.2, 6.6 Workshop on Advances in Communication Networking, France (EUNICE 2014), for publication in the Springer LNCS series. The present article is a reworked and extended version that includes major novel features such as replay protection, comprehensive analysis of models and assumptions, overhead analysis, and security analysis.
Cite this article
Parmar, K., Jinwala, D.C. Malleability Resilient Concealed Data Aggregation in Wireless Sensor Networks. Wireless Pers Commun 87, 971–993 (2016). https://doi.org/10.1007/s11277-015-2633-6
DOI: https://doi.org/10.1007/s11277-015-2633-6