Summary

Algorithm confusion affects versions before version 1.3.1 of Lepture Authib due to the permission of HMAC verification when handling asymmetric public keys. This analysis investigates this vulnerability and how it can be mitigated to keep attackers away.

Description