Section B

Q4.Key agreement protocols

a) Differentiate key agreement and key exchange protocols

Key generation works by moving from a cyber space without key to a cyber space with a key
which has been generated by means of either independently by one human being running an
algorithm or with mutually shared approach. The description of key making never need certain
parties to be familiar with key generation and possibly done in remoteness and the key is not
distributed.

Key establishment is a procedure or set of rules whereby a shared secret such as secret key is
openly obtainable to two / more members of subsequent cryptographic exercise. The key
establishment perhaps roughly subdivided into key exchange and key agreement.

A key exchange protocol or method is a key establishment practice , in case one member either
generates or gets hold of a secret value by means of generating a key themselves and firmly
transmits it to other group participants.

A key agreement protocol or method is a key establishment practice where the shared secret is
derivative by two / more ideal participants of the set as a purpose of information throw in /
coupled with all other participants. Here no participant is capable of predetermining the follow-
on assessment. This procedure of key generation is through shared conduct resultant in both
participants get hold of the key.

For example, key exchange protocols are with one participant produces a symmetric key and
encrypt the key below the public key of the beneficiary by means of asymmetric cryptographic
method. It is also known as KEM- Key Encapsulation Mechanism and with no key agreement, as
the key is reliant on contribution from only one participant, generally the sender and is
distributed to the receiver end

For example, key agreement protocol is a DH - Diffie Hellman key exchange where both the
participants have power over the resultant key instead of one participant responsible. This key is
agreed upon by all the participants involved in the process.
b) Advantages and disadvantages of the Diffie Hellman Algorithm
Advantages of DH Algorithm

 Both the sender as well as the receiver need not have a few prior knowledge of opposite

parties

 After the exchange of keys the communication of information is capable all the way

through an apprehensive channel.

 The distribution of the secret key is protected.

 SSH- Secure Shell mechanism

 TLS-Transport Layer Security as well as  SSL- Secure Sockets Layer security can be
attained
 PKI- Public Key Infrastructure is possible
 IKE-Internet Key Exchange is permitted
 IPSec -Internet Protocol Security is made funtional

Disadvantages of DH Algorithm
 This algorithm not capable to be sued for whichever asymmetric key exchange taking
place. So only be used for symmetric key exchange.
 There is no authentication procedure on every participant involved in the transmission, so
this algorithm is vulnerable to a MITM- Man-In-The-Middle Attack.
 Based upon computational concept makes it expensive taking account of sources and
CPU concert instance.
 Encryption of information is not at all possible in this algorithm.
 Digital signature is never made positive with sign using DH algorithm.

c) Goal of signature function protocol

Increased agreement rapidity
The contract management software employs electronic signatures to speed the carrying out of
time responsive contracts which critically have an effect on patient care. Electronic signing is
able to stop any pointless delays in concluding contracts ensuing in improved performance with
the company of,
 Excellent for the life of the contract by putting a stop repetitive signing.
 Negotiations in critical concern can be tagged and traced until last implementation.
 Helpful for geographically diverse parties carry out contracts.

Improved Security

Parties need not worry about safety measures as there is tampered Contract administration
software with e-signing ability automatically become aware of even small altering and record
additional data points than document.
Minor Transaction Rate

The computerized processes of e-signing decrease the monetary impact of human fault such as
signing fault that slows down the process and cost fixing to be prevented.