Secure Aggregation with Malicious Node Revocation in Sensor Networks

Sensor applications often leverage in-network aggregation to extract aggregates, such as predicate count and average, from the network. With in-network aggregation, a malicious sensor can easily manipulate the intermediate aggregation results and corrupt the final answer. Most existing secure aggregation schemes aim to defend against stealth attacks and can only raise an alarm when the final answer is corrupted, without being able to pinpoint and revoke the malicious sensors. While some recent protocols can pinpoint and revoke malicious sensors, they need to rely on expensive public key cryptography to be robust against certain attacks. Using only symmetric key cryptography, this paper aims to strictly diminish the capability of adversaries whenever they launch a successful attack, so that malicious sensors can only ruin the aggregation result for a small number of times before they are fully revoked. To this end, we propose VMAT (verifiable minimum with audit trail), a novel secure aggregation protocol with malicious sensor revocation capability. VMAT relies on symmetric key cryptography only, and provides provable guarantees that each execution can either produce the correct aggregation result efficiently, or revoke some key held by the adversary.