Recently, the Virtual Software Token Protocol (VSTP) was proposed as a practical method for secure public key infrastructure (PKI) roaming. It enabled users not to keep their private keys in portable storage. Instead, a set of servers was deployed for the purpose. However, a weakness has been found from the original assumption. The split password was vulnerable to the so-called split on-line attack. So, this letter refines the original scheme with a new restriction and proposes its improved version as well.
All Science Journal Classification (ASJC) codes
- Modelling and Simulation
- Computer Science Applications
- Electrical and Electronic Engineering