Since the tag nonce and
uidare sent as plaintext, we also recover the LFSR state before feeding in nT ⊕uid(step 4). Note that this LFSR state is the secret key!
Since the tag nonce and
uidare sent as plaintext, we also recover the LFSR state before feeding in nT ⊕uid(step 4). Note that this LFSR state is the secret key!