In collaborative WSNs, sensing devices are owned and operated by different stakeholders that have an incentive to preserve the confidentiality of their individual sensor readings while still contributing to statistics computed by the group. In such systems, in-network data processing is highly efficient in energy and bandwidth, but it introduces several challenges related to data security and fault tolerance. In this paper, we present and analyze a new protocol that allows confidentiality-preserving in-network aggregation for collaborative WSNs in the face of intermittent link-level failures. Our protocol uses a symmetric-key, additively homomorphic cryptosystem to maintain the confidentiality of individual sensor readings while still permitting a trusted sink node to recover the correct aggregate value. The encrypted sensor readings are then combined using a multipath aggregation protocol that can detect and recover from a variety of failure scenarios while carefully handling duplicate-sensitive aggregates (such as SUM, where a reading that arrives over more than one path must be counted only once). We prove the security and correctness of our protocol, and we conduct simulation studies to understand its data transmission and energy consumption overheads. Our results show that both confidentiality and fault tolerance can be achieved in representative network configurations while incurring an increase of 7.1% in the average message size and 3.6% in the average energy consumption. In the unlikely scenario that 100% of the sensor nodes participate in an aggregate query, the average energy consumption showed at most a 25% increase.
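As an added illustration, not code from the paper, the following Python model shows the two mechanisms the abstract names working together: a symmetric-key, additively homomorphic cipher in the style of Castelluccia, Mykletun and Tsudik (c_i = m_i + k_i mod M, with a fresh per-epoch pad k_i derived from a key each node shares with the sink), and an aggregator that receives every ciphertext over two paths and must count each contributor exactly once before the sink strips the pads. The abstract does not specify the cryptosystem, so the CMT-style scheme, the HMAC-based pad derivation, the modulus, the node keys, the readings and the two-path topology are all assumptions constructed for this example. A naive aggregator that sums every received copy is included to show why duplicate handling matters for a duplicate-sensitive aggregate: the sink's decryption is still well-formed but the result is double-counted.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Assumed parameters for this example (not taken from the paper).
M = 2 ** 32          # plaintext/ciphertext modulus; the true SUM must never reach it
EPOCH = 42           # query round; a pad is never reused across epochs

# Constructed long-term keys, one per sensor, shared only with the sink.
NODE_KEYS = {1: b"node-1-key", 2: b"node-2-key", 3: b"node-3-key"}
READINGS = {1: 17, 2: 23, 3: 5}  # constructed sensor readings, true SUM = 45


def keystream(node_key: bytes, epoch: int) -> int:
    """Per-epoch pad k_i = HMAC-SHA256(K_i, epoch) mod M (assumed derivation)."""
    mac = hmac.new(node_key, epoch.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:8], "big") % M


def encrypt(node_key: bytes, epoch: int, reading: int) -> int:
    """CMT-style additively homomorphic encryption: c_i = (m_i + k_i) mod M."""
    return (reading + keystream(node_key, epoch)) % M


@dataclass(frozen=True)
class Msg:
    node_id: int
    epoch: int
    ciphertext: int


def multipath_send(msgs, paths, failed_links):
    """Each sensor forwards its ciphertext over every path; a copy is lost only
    on a failed (node_id, path) link. Returns the multiset the aggregator sees."""
    return [m for m in msgs for p in paths if (m.node_id, p) not in failed_links]


def aggregate(received):
    """Duplicate-sensitive SUM over ciphertexts: the same (node_id, epoch) may
    arrive over several paths, so each contributor is counted exactly once.
    Two copies that disagree are rejected rather than silently chosen between."""
    seen = {}
    for m in received:
        key = (m.node_id, m.epoch)
        if key in seen and seen[key] != m.ciphertext:
            raise ValueError(f"conflicting copies for node {m.node_id}")
        seen[key] = m.ciphertext
    total = sum(seen.values()) % M
    contributors = tuple(sorted(nid for nid, _ in seen))  # header for the sink
    return total, contributors


def naive_aggregate(received):
    """What goes wrong without duplicate handling: every copy is summed."""
    total = sum(m.ciphertext for m in received) % M
    contributors = tuple(m.node_id for m in received)
    return total, contributors


def sink_decrypt(agg_ct, contributors, epoch=EPOCH, node_keys=NODE_KEYS):
    """The sink holds every K_i, so it strips one pad per listed contributor.
    Homomorphism: sum(c_i) - sum(k_i) = sum(m_i) mod M."""
    pad = sum(keystream(node_keys[i], epoch) for i in contributors) % M
    return (agg_ct - pad) % M


def run_round(failed_links):
    """One aggregation round over two paths; returns
    (sum recovered with dedup, sum recovered naively, contributor ids)."""
    msgs = [Msg(i, EPOCH, encrypt(NODE_KEYS[i], EPOCH, r)) for i, r in READINGS.items()]
    received = multipath_send(msgs, paths=("p1", "p2"), failed_links=failed_links)
    ct, who = aggregate(received)
    naive_ct, naive_who = naive_aggregate(received)
    return sink_decrypt(ct, who), sink_decrypt(naive_ct, naive_who), who


if __name__ == "__main__":
    # Node 2 loses one of its two paths; the other copy still arrives.
    print(run_round(failed_links={(2, "p1")}))                # (45, 67, (1, 2, 3))
    # Node 2 loses both paths: the sum over the nodes that were reached stays exact,
    # and the contributor list tells the sink which node is missing.
    print(run_round(failed_links={(2, "p1"), (2, "p2")}))     # (22, 44, (1, 3))
```

The contributor list travelling with the partial sum is what lets the sink subtract exactly one pad per sensor; it is also what an aggregator needs in order to merge partial results without counting a sensor twice, which is the duplicate-sensitivity problem the abstract refers to. Note that the aggregator never learns any m_i: it only ever sees c_i values, which are uniform mod M as long as the per-epoch pad is fresh.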