Secure fog-assisted crowdsensing with collusion resistance: From data reporting to data requesting

The development and ubiquity of smart mobile devices have produced the idea of crowdsensing, where people report and request data in a community via a cloud server. Recently, fog is introduced to assist the cloud server by providing location-sensitive and latency-aware local data management. However, interaction between users and server without appropriate sanitation puts serious security threats to user' privacy (e.g., data content and preference). While existing work already has a wide range of privacy-preserving schemes, they hardly consider collusion attacks (CAs) between the server and users, let alone CAs between fog nodes and users. To solve this problem, we first define four specific CAs in fog-assisted crowdsensing and propose a novel privacy-preserving data reporting and requesting (PARE) scheme with collusion resistance. PARE is constructed by leveraging one-way hash chains, marked mix-nets, and grouping-based secure searchable encryption to securely collect users' reports and respond to users' requests under CAs. Then, we consider one extreme scenario and provide a solution by introducing a role of sentry reporter while reducing computational costs and communication overhead. Thorough security and privacy analysis shows that PARE is secure and collusion resistant and we also quantitatively measure privacy with mutual information. Extensive performance evaluation results indicate that PARE is lightweight with respect to computational cost and communication overhead. To the best of our knowledge, this paper is the first one that gives four formal definitions of CAs in fog-assisted crowdsensing and aim to defend them at the same time.