Secure and efficient in-network processing of exact SUM queries

In-network aggregation is a popular methodology adopted in wireless sensor networks, which reduces the energy expenditure in processing aggregate queries (such as SUM, MAX, etc.) over the sensor readings. Recently, research has focused on secure in-network aggregation, motivated (i) by the fact that the sensors are usually deployed in open and unsafe environments, and (ii) by new trends such as outsourcing, where the aggregation process is delegated to an untrustworthy service. This new paradigm necessitates the following key security properties: data confidentiality, integrity, authentication, and freshness. The majority of the existing work on the topic is either unsuitable for large-scale sensor networks, or provides only approximate answers for SUM queries (as well as their derivatives, e.g., COUNT, AVG, etc). Moreover, there is currently no approach offering both confidentiality and integrity at the same time. Towards this end, we propose a novel and efficient scheme called SIES. SIES is the first solution that supports Secure In-network processing of Exact SUM queries, satisfying all security properties. It achieves this goal through a combination of homomorphic encryption and secret sharing. Furthermore, SIES is lightweight (it relies on inexpensive hash operations and modular additions/multiplications), and features a very small bandwidth consumption (in the order of a few bytes). Consequently, SIES constitutes an ideal method for resource-constrained sensors.

[1]  Hakan Hacigümüs,et al.  Providing database as a service , 2002, Proceedings 18th International Conference on Data Engineering.

[2]  Dawn Xiaodong Song,et al.  SIA: secure information aggregation in sensor networks , 2003, SenSys '03.

[3]  Keith B. Frikken,et al.  An efficient integrity-preserving scheme for hierarchical sensor aggregation , 2008, WiSec '08.

[4]  Yong Yao,et al.  The cougar approach to in-network query processing in sensor networks , 2002, SGMD.

[5]  Theodore S. Rappaport,et al.  SecureDAV: a secure data aggregation and verification protocol for sensor networks , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[6]  C. Castelluccia,et al.  Efficient aggregation of encrypted data in wireless sensor networks , 2005, The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services.

[7]  Sushil Jajodia,et al.  LEAP+: Efficient security mechanisms for large-scale distributed sensor networks , 2006, TOSN.

[8]  Noga Alon,et al.  The Space Complexity of Approximating the Frequency Moments , 1999 .

[9]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[10]  Lingxuan Hu,et al.  Secure aggregation for wireless networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[11]  Suman Nath,et al.  Secure outsourced aggregation via one-way chains , 2009, SIGMOD Conference.

[12]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[13]  Feifei Li,et al.  Authenticated Index Structures for Aggregation Queries , 2010, TSEC.

[14]  Sencun Zhu,et al.  SDAP: a secure hop-by-Hop data aggregation protocol for sensor networks , 2006, MobiHoc '06.

[15]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[16]  Joseph M. Hellerstein,et al.  Proof Sketches: Verifiable In-Network Aggregation , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[17]  Anish Mathuria,et al.  Efficient Secure Aggregation in Sensor Networks , 2004, HiPC.

[18]  Jongsung Kim,et al.  On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (Extended Abstract) , 2006, SCN.

[19]  Jonathan Katz,et al.  Aggregate Message Authentication Codes , 1995 .

[20]  Dawn Xiaodong Song,et al.  Secure hierarchical in-network aggregation in sensor networks , 2006, CCS '06.

[21]  Wei Hong,et al.  Proceedings of the 5th Symposium on Operating Systems Design and Implementation Tag: a Tiny Aggregation Service for Ad-hoc Sensor Networks , 2022 .

[22]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[23]  Haifeng Yu,et al.  Secure and highly-available aggregation queries in large-scale sensor networks via set sampling , 2009, 2009 International Conference on Information Processing in Sensor Networks.

[24]  Stanley B. Zdonik,et al.  Answering Aggregation Queries in a Secure System Model , 2007, VLDB.

[25]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[26]  Dawn Song,et al.  SIA: Secure information aggregation in sensor networks , 2007, J. Comput. Secur..

[27]  Feifei Li,et al.  Small synopses for group-by query verification on outsourced data streams , 2009, TODS.

[28]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .