In cryptography, a key agreement protocol is a protocol in which two or more parties agree on a key in such a way that each of them influences the outcome. If done correctly, it prevents undesired third parties from imposing a key choice on the agreeing parties. Protocols that are useful in practice also do not reveal the agreed key to eavesdroppers.
Exponential key exchange in itself does not specify any prior agreement or subsequent authentication between the participants. It has therefore been described as an anonymous key agreement protocol.
A common mechanism for defeating attacks on such an unauthenticated exchange is the use of digitally signed keys, whose integrity must be assured: if Bob's key is signed by a trusted third party who vouches for his identity, Alice can have considerable confidence that a signed key she receives is not an interception attempt by Eve. If Alice and Bob have a public key infrastructure, they can digitally sign an agreed Diffie-Hellman key or the exchanged Diffie-Hellman public keys. These signed keys, sometimes signed by a certificate authority, are one of the main mechanisms used to secure web traffic (including HTTPS, SSL, or Transport Layer Security protocols). Other concrete examples are MQV, YAK and the ISAKMP component of the IPsec protocol suite, which secures Internet Protocol communication. However, these systems require care in confirming that certificate authorities correctly match identity information to public keys.
Nothing in the key agreement by itself prevents someone from impersonating Bob: Alice could exchange keys with me, I could say I'm Bob, and then Alice and I could exchange encrypted data. Although public key transmissions do not need to be encrypted, they must be signed for maximum security.
A key agreement protocol or mechanism is a key establishment technique in which a shared secret is derived by two (or more) parties from information contributed by, or associated with, each of those parties, (ideally) such that no party can predetermine the resulting value.
In this process, key generation is done collaboratively, so that both parties end up holding the key. In typical use, Bob and Alice would of course run code in different classes, probably on different machines.
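The signed exchange described above, as an added example that is not code from the original page: each party signs its Diffie-Hellman public key with a long-term identity key, and the peer checks that signature before deriving the secret. Go's X25519 and Ed25519 stand in for the Diffie-Hellman and signature schemes, the `Party` type and its methods are hypothetical names, the pinned `ID` stands in for a CA-issued certificate, and all parties run in one process here for brevity.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Party has a long-term Ed25519 identity and a fresh X25519 key per exchange.
type Party struct {
	ID   ed25519.PublicKey // assumption: the peer learned this via a CA or pinning
	sign ed25519.PrivateKey
	dh   *ecdh.PrivateKey
}

func NewParty() *Party {
	id, sk, err1 := ed25519.GenerateKey(rand.Reader)
	dh, err2 := ecdh.X25519().GenerateKey(rand.Reader)
	if err := errors.Join(err1, err2); err != nil {
		panic(err)
	}
	return &Party{ID: id, sign: sk, dh: dh}
}

// Offer returns this party's DH public key and a signature over it.
func (p *Party) Offer() (pub, sig []byte) {
	pub = p.dh.PublicKey().Bytes()
	return pub, ed25519.Sign(p.sign, pub)
}

// Agree derives the shared secret. With peerID == nil the exchange is
// anonymous: any key is accepted, so whoever sent it becomes "the peer".
func (p *Party) Agree(peerID ed25519.PublicKey, pub, sig []byte) ([]byte, error) {
	if peerID != nil && !ed25519.Verify(peerID, pub, sig) {
		return nil, errors.New("DH public key not signed by expected identity")
	}
	peer, err := ecdh.X25519().NewPublicKey(pub)
	if err != nil {
		return nil, err
	}
	return p.dh.ECDH(peer) // run through a KDF before use as a cipher key
}

func main() {
	alice, bob, eve := NewParty(), NewParty(), NewParty()
	pub, sig := eve.Offer() // Eve answers in Bob's place
	fmt.Println(alice.Agree(bob.ID, pub, sig))
}
```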