Directed diffusion is a form of message routing that is application aware, allowing improved energy efficiency through path selection that is empirically efficient, combined with caching and summarization of data as it traverses the network. In a directed diffusion implementation, the data sink sends a data subscription request that floods the network. Data sources then respond to the request if they have the data required. By sending the reply back via the node that the request came on, a routing path can be set up between data source and sink. Although this form of routing is common in wireless sensor networks (WSNs), it is susceptible to both sinkhole and Sybil attacks.

The authors propose using the cryptographic technique of bilinear pairing to secure the network from attack. As each device is equipped with a key that incorporates its location, any compromised node is unable to fake its location, as doing so would invalidate its key. It works on the premise that a new key computed using a node’s own key together with a hash of the counterpart’s location and identity should equal a similar key computed by the counterpart using the former’s location and identity. It should be noted that the proposed enhancements limit the use of the protocol to stationary nodes only.

Reviewing security or encryption algorithms is always a challenge. If one does not find the holes in the algorithm, someone else eventually will. Unfortunately, I found the paper light on technical details, making an evaluation difficult. It is not clear whether there is a risk of a compromised node falsifying its gradient information, nor how using XOR to hash the data content would allow a node to distinguish bad data from a falsified message.