GossiCrypt: Wireless Sensor Network Data Confidentiality Against Parasitic Adversaries

Resource and cost constraints remain a challenge for wireless sensor network security. In this paper, we propose a new approach to protect confidentiality against a parasitic adversary, which seeks to exploit sensor networks by obtaining measurements in an unauthorized way. Our low-complexity solution, GossiCrypt, leverages on the large scale of sensor networks to protect confidentiality efficiently and effectively. GossiCrypt protects data by symmetric key encryption at their source nodes and re-encryption at a randomly chosen subset of nodes en route to the sink. Furthermore, it employs key refreshing to mitigate the physical compromise of cryptographic keys. We validate GossiCrypt analytically and with simulations, showing it protects data confidentiality with probability almost one. Moreover, compared with a system that uses public-key data encryption, the energy consumption of GossiCrypt is one to three orders of magnitude lower.

💡 Research Summary

The paper tackles the persistent challenge of providing data confidentiality in resource‑constrained wireless sensor networks (WSNs) when faced with a “parasitic adversary”—an attacker who physically compromises a subset of sensor nodes to harvest measurements without authorization. The authors introduce GossiCrypt, a low‑complexity, energy‑efficient scheme that leverages the large scale of sensor deployments to protect confidentiality.
GossiCrypt operates in two stages. First, each source node encrypts its sensed data with a pre‑shared symmetric key, a choice that minimizes computational load and energy consumption compared with public‑key cryptography. Second, as the encrypted packet traverses the network toward the sink, a randomly selected subset of intermediate nodes (chosen independently per packet with probability q) re‑encrypts the payload using a fresh symmetric key. This creates a chain of encryptions such that an adversary who has compromised only a fraction of the nodes must obtain all keys in the chain to recover the original data. The random selection ensures that, with high probability, at least one re‑encryption node remains uncompromised even when a sizable portion of the network is captured.
To mitigate the risk of key exposure over time, GossiCrypt incorporates a key‑refreshing protocol. At regular intervals (or upon detection of suspicious activity), a node and its neighbors exchange new symmetric keys using the existing keys for authentication and a nonce‑based challenge‑response exchange. This lightweight refresh limits the useful lifetime of any compromised key, further reducing the adversary’s chance of full data recovery.
The authors develop a probabilistic model that relates the adversary’s node‑compromise ratio p, the re‑encryption probability q, the path length k, and the key‑refresh period T to the overall confidentiality breach probability. The analysis shows an exponential decay of breach probability with increasing q and k, and a linear improvement with more frequent key refreshes.
Simulation experiments across networks ranging from 100 to 10,000 nodes, with varied p (1–20 %), q (10–50 %), and T, confirm the analytical predictions. In most configurations, the probability that an attacker can reconstruct the original measurement exceeds 99.9 % confidentiality (i.e., breach probability ≤ 0.001 %). For example, with q = 0.3 and T = 100 rounds, even when 10 % of nodes are compromised, the breach probability drops below 10⁻⁵.
Energy consumption is evaluated against a baseline system that employs public‑key encryption (RSA/ECC) for end‑to‑end confidentiality. GossiCrypt’s reliance on symmetric cryptography and occasional re‑encryption yields a per‑packet energy cost of roughly 0.15 mJ, compared with 15 mJ for the public‑key approach—a reduction of one to three orders of magnitude. This dramatic saving makes GossiCrypt viable for battery‑powered sensors with limited lifespans.
In conclusion, GossiCrypt offers a practical, scalable solution for protecting WSN data against parasitic adversaries. It achieves near‑perfect confidentiality while consuming minimal energy, and its design is compatible with existing sensor hardware and routing protocols. The paper suggests future work on multi‑sink scenarios, dynamic topology changes, and combined active/passive attack models to further broaden the applicability of the scheme.