Fog architectures are currently present in many applications. Constrained devices equipped with sensors produce measurements that will be sent to a nearby gateway, called the fog. The fog verifies, aggregates and forwards them to the server. Group authentication among these devices allows them to securely accept messages of the group members, resulting in faster updates in their process. When defining a security scheme, it should be considered that edge and fog devices are susceptible to attacks. Privacy of the devices should be guaranteed, with respect to outsiders and the fog. It should be impossible to track the connection pattern of devices with different fogs, even if several fogs are captured by an attacker. Inclusion of protection against potentially malicious fogs has not yet been considered in literature, especially not for group-based communications. We present a server-controlled group authentication and key agreement scheme, executed by the fog in collaboration with the devices that it can reach. The server, assumed to be fully trusted, is responsible for the registration and authorisation of the devices and initiates the key update process, whereas the fog takes care of the secure distribution process among its members. At the end, all entities in the group are ensured to possess the correct group key. Moreover, a pairwise secret key between device and server is obtained during the process. The proposed scheme is very efficient as it relies on elliptic curve cryptography and Lagrange interpolation. No initially shared secret key material among the entities needs to be pre-stored.