Preserving data security in distributed fog computing

In this paper, a novel cryptographic solution is proposed to secure data in fog computing. The solution combines the AES-GMAC operation mode with information dispersal over GF(2(w)) to provide data confidentiality, integrity, and availability along with source authentication. The value of w is flexible (8, 16, 32 or 64) and it could be configured according to the fog device features. Moreover, the proposed cryptographic solution is based on the dynamic key-dependent approach, which allows for a good compromise between the security level and computational complexity. In the proposed solution, the collected data at one fog node is encrypted, authenticated and dispersed in a pseudo-random manner to its n neighbor fog nodes. For data recovery, any k of the n fragments along with the corresponding dynamic key are required to retrieve the original data. This complicates the attackers task who needs to compromise at least k fog nodes to disclose the encrypted data. Additionally, attackers should seek the dynamic key, which is different for each input data. On the other hand, redundant fragments protect the stored data against up to (n - k) fog nodes' failure or unavailability. The security and performance analysis tests show that the proposed security scheme exhibits a high level of efficiency and robustness. (C) 2019 Elsevier B.V. All rights reserved.