The attack described above enables the attacker to impersonate a victim, provided that such victim was assigned a cookie between the two samples the attacker made of the site cookies.
上面所描述的攻击可以使攻击者来扮演一个受害者的角色,假定这样的受害者被分配到两个由站点 cookie 构成的样例攻击者之间。
However, their scheme is insecure by presenting a forgery attack, any receiver can impersonate the proxy signer to sign any message without holding the responsibility.
该文给出的一种攻击方案表明他们的方案是不安全的,任何代理签名的接收者都可以假冒代理人对任意的消息生成有效的签名。
应用推荐