An Attack on Privacy Preserving Data Aggregation Protocol for Wireless Sensor Networks

TL;DR

This paper identifies a security flaw in the CPDA privacy-preserving data aggregation protocol for wireless sensor networks, demonstrates how malicious nodes can compromise privacy, and proposes modifications to fix the vulnerability and improve efficiency.

Contribution

It reveals a security vulnerability in the CPDA scheme and offers improved, more secure protocol modifications for privacy-preserving data aggregation in WSNs.

Findings

Security vulnerability in CPDA identified

Proposed protocol modifications enhance security

Efficiency of data aggregation protocol improved

Abstract

In-network data aggregation in Wireless Sensor Networks (WSNs) provides efficient bandwidth utilization and energy-efficient computing.Supporting efficient in-network data aggregation while preserving the privacy of the data of individual sensor nodes has emerged as an important requirement in numerous WSN applications. For privacy-preserving data aggregation in WSNs, He et al. (INFOCOM 2007) have proposed a Cluster-based Private Data Aggregation (CPDA) that uses a clustering protocol and a well-known key distribution scheme for computing an additive aggregation function in a privacy-preserving manner. In spite of the wide popularity of CPDA, it has been observed that the protocol is not secure and it is also possible to enhance its efficiency. In this paper, we first identify a security vulnerability in the existing CPDA scheme, wherein we show how a malicious participant node can launch an attack on the privacy protocol so as to get access to the private data of its neighboring sensor nodes. Next it is shown how the existing CPDA scheme can be made more efficient by suitable modification of the protocol. Further, suitable modifications in the existing protocol have been proposed so as to plug the vulnerability of the protocol.