The key, or the derived key, can then be used to encrypt subsequent communications using a symmetric key cipher.
It is a variant of the Diffie–Hellman protocol using elliptic curve cryptography.
Two of the most common key exchange algorithms are the following: Both methods provide for highly secure key exchange between communicating parties.
An intruder who intercepts network communications cannot easily guess or decode the secret key that is required to decrypt communications.
However, if CALG_DH_EPHEM was specified, the handle to the key is destroyed, and all values are cleared from the CSP.
When data is in motion, key exchange and transport is usually the starting point.
Unfortunately, exchange and transport are often an after thought in a project, especially if a resident cryptography enthusiast or cryptographer is not available.
Crypto exposes the unauthenticated protocol through classes.
Extensions to the original Diffie-Hellman includes authentication which hardens the exchange protocol against many man-in-the-middle attacks.