Recently, the Virtual Software Token Protocol (VSTP) was proposed as a practical method for secure public key infrastructure (PKI) roaming. It enabled users not to keep their private keys in portable storage. Instead, a set of servers was deployed for the purpose. However, a weakness has been found from the original assumption. The split password was vulnerable to the so-called split on-line attack. So, this letter refines the original scheme with a new restriction and proposes its improved version as well.
Bibliographical noteFunding Information:
Manuscript received May 20, 2003. The associate editor coordinating the review of this letter and approving it for publication was Prof. C.-K. Wu. This work was supported by Grant R08-2003-000-11029-0 from the Basic Research Program of the Korea Science & Engineering Foundation. The author is with the Faculty of School of Computer Engineering, Sejong University, Seoul 143-747, Korea (e-mail: firstname.lastname@example.org). Digital Object Identifier 10.1109/LCOMM.2003.822523
All Science Journal Classification (ASJC) codes
- Modelling and Simulation
- Computer Science Applications
- Electrical and Electronic Engineering