Fog computing (FC) is introduced as an extended technique of cloud computing. FC makes it possible to compute straightly on the brim of the network. In FC application systems, authentication is an important security requirement when fog nodes communicate with other fog devices. Digital signature (DS) has been widely used in FC systems to provide the non-repudiation, authenticity along with data integrity. However, some latest research results demonstate that DS schemes may confront the algorithm substitution attack (ASA). That is, DS scheme would be implanted some covert backdoor information in algorithm implementation process by attackers. With the backdoor information attackers can recover the secret key of fog devices' users, which will result in privacy disclosure. To settle this matter, the notion of cryptographic reverse firewall (CRF) is proposed, which can re-randomize the inputs and outputs of the fog devices. Moreover, due to the limited storing and computing abilities of fog devices, the DS algorithms applied to FC systems should be resource-saving. In this paper, we simultaneously focus attention on addressing above two problems in fog computing and construct the CRFs for the Camenisch and Lysyanskaya DS scheme (CL signature) which is suitable to be applied in FC systems because of its high efficiency.