Key Management Scheme for Secure Channel Establishment in Fog Computing

Fog computing is a promising extension of cloud computing, and enables computing directly at the edge of the network. Due to the decentralized and distributed nature of fog nodes, secure communication channels have to be supported in fog computing, which are generally realized through secure keys. Key management schemes are usually employed to generate, distribute and maintain the secret keys. In this paper, we propose a key management scheme called dynamic contributory broadcast encryption (DConBE) for secure channel establishment in fog computing. It allows a group of fog nodes that want to establish a fog system to negotiate a public encryption key and each node's decryption key in one round without a trusted dealer. Any end user may encrypt messages under the public encryption key with short ciphertexts to any subset of the fog nodes in the system. Only selected fog nodes in the system can decrypt the encrypted messages using their respective decryption key. Our new key management scheme also achieves the properties of fog node dynamics, fully collusion-resistant and stateless.