Hacker News
by gipsies 3400 days ago
Exactly, since there is no state machine, an attacker can immediately send the last message. The client will try to check the integrity of this message. But it will use an uninitialized all-zero key to do this! So an attacker can spoof the last message. And once the client receives this message, it will accept all traffic.
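To make the failure mode in the comment above concrete, here is an added toy model (my illustration, not code from the commenter or from any real TLS stack). It simulates a handshake whose last message carries a MAC over the transcript: a client without a state machine that starts with an all-zero key accepts a forged last message sent before any key exchange, while a client that enforces message order and has no key until one is derived rejects it. The message names, `derive_key`, `finished_mac`, the client classes and the "shared secret" are all constructed assumptions, not any protocol's wire format.

```python
import hashlib
import hmac
import os

# Toy handshake message types (assumption for this illustration, not a real protocol).
HELLO, KEY_EXCHANGE, FINISHED, APP_DATA = "hello", "key_exchange", "finished", "app_data"


def derive_key(shared_secret: bytes) -> bytes:
    """Stand-in key derivation from the key-exchange payload (constructed)."""
    return hashlib.sha256(b"toy-key-" + shared_secret).digest()


def finished_mac(key: bytes, transcript: bytes) -> bytes:
    """MAC carried by the last handshake message, over everything seen before it."""
    return hmac.new(key, transcript, hashlib.sha256).digest()


class VulnerableClient:
    """No state machine: any message is processed at any time, and the MAC key
    starts as all zeros instead of 'not yet derived'."""

    def __init__(self):
        self.key = bytes(32)  # uninitialized, all-zero key
        self.transcript = b""
        self.handshake_done = False
        self.received = []

    def process(self, msg_type: str, payload: bytes) -> bool:
        if msg_type == HELLO:
            self.transcript += payload
        elif msg_type == KEY_EXCHANGE:
            self.key = derive_key(payload)
            self.transcript += payload
        elif msg_type == FINISHED:
            # Verifies under whatever key is currently set, zero or not.
            if not hmac.compare_digest(payload, finished_mac(self.key, self.transcript)):
                return False
            self.handshake_done = True
        elif msg_type == APP_DATA:
            if not self.handshake_done:
                return False
            self.received.append(payload)
        return True


class HardenedClient:
    """Explicit state machine: FINISHED is only legal after the key exchange,
    and there is no key at all until one has been derived."""

    def __init__(self):
        self.state = "start"
        self.key = None
        self.transcript = b""
        self.handshake_done = False
        self.received = []

    def process(self, msg_type: str, payload: bytes) -> bool:
        expected = {"start": HELLO, "hello": KEY_EXCHANGE, "keyed": FINISHED, "done": APP_DATA}
        if msg_type != expected[self.state]:
            return False  # out-of-order message: reject without touching state
        if msg_type == HELLO:
            self.transcript += payload
            self.state = "hello"
        elif msg_type == KEY_EXCHANGE:
            self.key = derive_key(payload)
            self.transcript += payload
            self.state = "keyed"
        elif msg_type == FINISHED:
            if self.key is None:  # defence in depth; the state check already guarantees this
                return False
            if not hmac.compare_digest(payload, finished_mac(self.key, self.transcript)):
                return False
            self.handshake_done = True
            self.state = "done"
        elif msg_type == APP_DATA:
            self.received.append(payload)
        return True


def skip_to_finished_attack(client) -> bool:
    """Attacker who never did a key exchange sends FINISHED immediately, with the
    MAC computed under the all-zero key over the (empty) transcript, then injects
    application data. Returns True if the client accepted that data."""
    forged = finished_mac(bytes(32), b"")
    client.process(FINISHED, forged)
    return client.process(APP_DATA, b"attacker-controlled plaintext")


def honest_handshake(client) -> bool:
    """A legitimate peer follows the full order, so a correct client still works."""
    secret = os.urandom(32)  # constructed shared secret, stands in for a real key exchange
    hello = b"client-hello"
    client.process(HELLO, hello)
    client.process(KEY_EXCHANGE, secret)
    client.process(FINISHED, finished_mac(derive_key(secret), hello + secret))
    return client.process(APP_DATA, b"legit data")


if __name__ == "__main__":
    print("vulnerable client accepts forged FINISHED:", skip_to_finished_attack(VulnerableClient()))
    print("hardened client accepts forged FINISHED:  ", skip_to_finished_attack(HardenedClient()))
    print("hardened client completes honest handshake:", honest_handshake(HardenedClient()))
```

The fix has two independent parts, and both matter: the state machine rejects the out-of-order message regardless of its MAC, and keeping the key as "absent" rather than zero means that even a state-machine bug elsewhere cannot turn an unkeyed MAC check into a successful one.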