Disadvantages Of Key Agreement Protocol

Diffie Hellman key exchange algorithms is developed by Whitefield Diffie and Martin Hellman in 1976 to overcome the most important deal and exchange problem. It allows both parties who want to communicate with each other to agree on symmetrical keys, key can be used for encryption and decryption, note that the key exchange algorithm Diffie Hellman can only be used for key exchange not for encryption and the decryption process. The algorithm is based on mathematical principles. The key management protocol has the following features: Many key exchange systems have a part that generates the key and simply send that key to the other party — the other party has no influence on the key. The use of a key MEMORANDUM of understanding avoids some of the major distribution problems associated with these systems. To avoid the use of additional off-band authentication factors, Davies and Price proposed the use of Ron Rivest and Adi Shamir`s Interlock protocol, which has come under subsequent attack and refinement. A widespread mechanism for repelling these attacks is the use of digitally signed keys, which must be secured for integrity: if Bob`s key is signed by a trusted third party guarantor of his identity, Alice can have great confidence that a signed key she receives is not an attempt to intercept Eve. If Alice and Bob have an infrastructure with public keys, they can digitally sign a Diffie Hellman key or exchange a Diffie Hellman public key. These signed keys, sometimes signed by a certification body, are one of the primary mechanisms used for secure web data traffic (including DEE, SSL or Transport Layer Security protocols). Other specific examples are: MQV, YAK and the ISAKMP component of the IPsec protocol suite for securing internet protocol communications. However, these systems require care to support consistency between identity information and public keys by certification bodies in order to function properly. This type of attack is probably the most important to avoid in the design of the PAKE, because an attacker does not need to be online to execute it.

This entry was posted in Uncategorized. Bookmark the permalink.