I have a question on what seems to be a defect in the Applied Crypto book, and I couldn't get an answer out of Schneier. Could any of you please clarify my issue?
My question is regarding Schneier's write-up of SKID3 on page 56. He states that the protocol is not secure against man-in-the-middle attacks because no secrets are involved. I'm finding this hard to accept, because SKID3 uses a MAC, which requires a shared secret key between the two parties. I played out the scenario, and cannot see how a man in the middle could attack without knowing the secret key used in the MAC.
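As an added illustration (not part of the original post or of the book), here is the SKID3 exchange as given in Applied Cryptography, run between two parties; HMAC-SHA256 stands in for the keyed one-way function H_K, and the identity strings and nonce lengths are assumptions of this demo:

```python
import hmac
import hashlib
import secrets

# SKID3 as described in Applied Cryptography (constructed demo, not the
# book's code). H_K is instantiated with HMAC-SHA256.
#   1. A -> B: R_A
#   2. B -> A: R_B, H_K(R_A, R_B, B)
#   3. A -> B: H_K(R_B, A)

def mac(key: bytes, *parts: bytes) -> bytes:
    """Keyed hash H_K over the parts, each length-prefixed so that two
    different tuples can never serialise to the same byte string."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(4, "big"))
        h.update(p)
    return h.digest()

def skid3(key_a: bytes, key_b: bytes, id_a: bytes = b"A", id_b: bytes = b"B"):
    """Run SKID3 with A holding key_a and B holding key_b.
    Returns (a_accepts_b, b_accepts_a); both are True only when the two
    parties hold the same key, because each tag is checked under the
    verifier's own key."""
    r_a = secrets.token_bytes(16)                  # step 1: A's fresh nonce
    r_b = secrets.token_bytes(16)                  # step 2: B's fresh nonce ...
    tag_b = mac(key_b, r_a, r_b, id_b)             # ... and B's tag over both
    # A recomputes the tag under its key; compare_digest is constant-time
    a_accepts_b = hmac.compare_digest(tag_b, mac(key_a, r_a, r_b, id_b))
    if not a_accepts_b:
        return False, False                        # A aborts; step 3 never sent
    tag_a = mac(key_a, r_b, id_a)                  # step 3: A's tag for B
    b_accepts_a = hmac.compare_digest(tag_a, mac(key_b, r_b, id_a))
    return a_accepts_b, b_accepts_a
```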