SUMMARYWith in‐network sensor data storage and query, sensed data are stored locally and further accessed by users on demand. Thus, without proper protection for sensor data and user queries, compromise of sensor nodes may reveal sensitive information about the sensed environment as well as users’ query patterns. Furthermore, the adversary can alter some stored data and prevent users from recovering information correctly. In this paper, we propose and analyze the use of maximum‐distance separable codes to address the problem. First, initial data is encoded in (n, k) maximum‐distance separable code and spread from a single data source to a set of storage nodes for higher survivability. Second, a blind signature‐based privacy scheme is explored to preserve user query, such that authorized user's identity and privacy interests are concealed from others. Finally, an efficient data retrieval scheme is carried out such that the redundancy symbols in the remaining nodes are accessed only if the user fails to decode the data, which reduces the communication and computation cost. Analysis and evaluation verify the efficiency of the proposed scheme. Copyright © 2011 John Wiley & Sons, Ltd.