Abstract: Privacy preservation is one of the most challenging problems on secure data aggregation in wireless sensor networks (WSNs). In WSNs, current data aggregation schemes with privacy preservation cannot meet the requirements of security and energy saving, and have several disadvantages such as complex computation, considerable communication load or low-security. An energy-efficient and data-loss resilient data aggregation scheme with privacy preservation is proposed in this paper. Two different forms of perturbation data are adopted to protect the data privacy of each node from being disclosed to the sink and any other nodes in the network. Firstly, from the point of view of sink intrusion, we describe the design scheme of initial perturbation data. On the basis of it, we present the construction method of second data perturbation and the operation procedures of aggregation validation for intermediate aggregators and the sink. To resist various external attacks efficiently, the technique of message authentication code is introduced. Security and property analysis show that the proposed scheme can ensure the security of nodes on the premise of lower energy power. In addition, it has a strong ability against data-loss, and both its security and energy efficiency perform better than current works.