Fast Secure and Anonymous Key Agreement Against Bad Randomness for Cloud Computing

• Published in: IEEE transactions on cloud computing Vol. 10; no. 3; pp. 1819 - 1830
• Main Authors: Meng, Xinyu, Zhang, Lei, Kang, Burong
• Format: Journal Article
• Language: English
• Published: Piscataway IEEE 01.07.2022; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: anonymous authentication; Authentication; bad randomness resistance; Cloud computing; Cryptography; Cybersecurity; Privacy; Protocol; Protocols; Randomness; Resistance; secure channel; zero round trip time
• ISSN: 2168-7161; 2372-0018
• DOI: 10.1109/TCC.2020.3008795

In cloud computing, resources are usually in cloud service provider's network and typically accessed remotely by the cloud users via public channels. Key agreement enables secure channel establishment over a public channel for the secure communications between a cloud user and a cloud service provider. Existing key agreement protocols for cloud computing suffer from some challenges, e.g., realizing low connection delay, eliminating certificate management problem, enhancing user privacy and avoiding bad randomness. To tackle these challenges, we propose a certificateless 0-RTT anonymous AKA protocol against bad randomness for secure channel establishment in cloud computing. As a 0-RTT protocol, it significantly speeds up the efficiency of the secure channel establishment process. Further, our protocol does not need for the certificates to bind a public key with an entity's identity and hence solves the certificate management problem. Finally, concrete security analysis of the protocol is also proposed. The protocol not only satisfies the traditional security attributes (e.g., known-key security, unknown key-share), but also strong security guarantees, i.e., user privacy and bad randomness resistance.