Comment One little flaw... (Score 1) 312
is when someone intercepts the communication from the beginning on, and fakes a client to the server and a server to the client, since the protocol, as described in the article, allows anyone who receives or intercepts the messages from the beginning on to create a fake other side, and construct an impersonator for the server of the other side.
This would be done simply by replying to the server with the fake client's guesses, and establishing an authenticated connection with it. To the other client, at the same time, one would transmit a random sequence just as the server would, and reply, just as the server would. The sequence is not identical, it doesn't have to be: the client has no way of knowing.
If this major flaw is not corrected (it might be already), the system has no possible way of creating a secure environment.
--------------------
I listen to dune, do you?