In cloud computing, resources usually reside in the cloud service provider’s network and are typically accessed remotely by cloud users over public channels. Key agreement enables a secure channel to be established over a public channel, protecting communications between a cloud user and a cloud service provider. Existing key agreement protocols for cloud computing face several challenges, e.g., realizing low connection delay, eliminating the certificate management problem, enhancing user privacy and avoiding bad randomness. To tackle these challenges, we propose a certificateless 0-RTT anonymous AKA protocol against bad randomness for secure channel establishment in cloud computing. As a 0-RTT protocol, it significantly speeds up the secure channel establishment process. Further, our protocol does not need certificates to bind a public key to an entity’s identity and hence solves the certificate management problem. Finally, a concrete security analysis of the protocol is also provided. The protocol not only satisfies the traditional security attributes (e.g., known-key security, unknown key-share), but also provides strong security guarantees, i.e., user privacy and bad randomness resistance.