PrepAway - Latest Free Exam Questions & Answers

Which of the following is a key agreement protocol that allows two users to exchange a secret key over an insecure medium without any prior secrets?

A. One-way encryption

B. XML encryption

C. SecureFiles Encryption

D. Diffie-Hellman encryption

Explanation:
Diffie-Hellman encryption was developed by Diffie and Hellman in 1976 and published in the paper “New Directions in Cryptography.” It is a key agreement protocol (also called exponential key agreement) that allows two users to exchange a secret key over an insecure medium (such as the Internet) without any prior secrets. The original protocol had two system parameters, i.e., p and g. They are both public and may be used by all users in a system. The Diffie-Hellman key exchange was vulnerable to a man-in-the-middle attack because it does not authenticate the participants.

The current form of the Diffie-Hellman protocol (also known as the authenticated Diffie-Hellman key agreement protocol, or the Station-to-Station (STS) protocol) was developed by Diffie, Van Oorschot, and Wiener in 1992 to overcome the man-in-the-middle attack. This is achieved by allowing the two parties to authenticate themselves to each other by the use of digital signatures and public-key certificates. The Diffie-Hellman protocol is an example of a much more general cryptographic technique, the common element being the derivation of a shared secret value (that is, key) from one party’s public key and another party’s private key. The parties’ key pairs may be generated anew at each run of the protocol, as in the original Diffie-Hellman protocol. The public keys may be certified so that the parties can be authenticated, and there may be a combination of these attributes.
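The unauthenticated exchange described above, as an added Python sketch that is not part of the original explanation. The toy prime `P`, generator `G` and all function names are assumptions chosen for illustration; real deployments use standardized groups of 2048 bits or more and sign the exchanged values as STS does.

```python
import hashlib
import secrets

# Toy public system parameters p and g (constructed; far too small for real use).
P = 2**127 - 1   # a Mersenne prime
G = 3

def keypair():
    """Fresh private exponent x and public value g^x mod p."""
    x = secrets.randbelow(P - 3) + 2          # 2 <= x <= p-2
    return x, pow(G, x, P)

def shared_key(own_private, peer_public):
    """Derive a key from our private key and the peer's public value."""
    # Reject degenerate values (0, 1, p-1) that would force a predictable secret.
    if not 2 <= peer_public <= P - 2:
        raise ValueError("invalid public value")
    secret = pow(peer_public, own_private, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def honest_exchange():
    """Both parties receive each other's genuine public value."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    return shared_key(a_priv, b_pub), shared_key(b_priv, a_pub)

def substituted_exchange():
    """Both public values are replaced in transit by a third party's value.

    Neither side gets an error: the received value is a valid group element,
    so nothing in the plain protocol reveals the substitution. The two ends
    simply no longer share a key with each other, which is the gap that
    signatures over the exchanged values close.
    """
    a_priv, _ = keypair()
    b_priv, _ = keypair()
    _, m_pub = keypair()                      # value injected by the third party
    return shared_key(a_priv, m_pub), shared_key(b_priv, m_pub)

if __name__ == "__main__":
    ka, kb = honest_exchange()
    print("honest exchange, keys match:     ", ka == kb)
    ma, mb = substituted_exchange()
    print("substituted exchange, keys match:", ma == mb)
```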

Answer option A is incorrect. One-way encryption is also known as a hash function. It is used to determine whether the data has changed. The message gets converted into a numerical value. The recipient then verifies the hash value using a known algorithm. This method checks the integrity of messages but it does not provide confidentiality.

Answer option B is incorrect. XML encryption is used to encrypt the entire XML document or its selected portions. An XML document has different portions that can be encrypted, which are as follows:
Complete XML document
A resource reference that is provided outside the XML document
The content portions of an XML document
Elements and all their sub-elements

Answer option C is incorrect. SecureFiles Encryption extends the capability of Transparent Data Encryption (TDE) by encrypting LOB data. In this encryption, the data is encrypted using Transparent Data Encryption (TDE) and allows encrypted data to be stored securely. SecureFiles Encryption allows random reads and writes on the encrypted data. Automatic key management is supported by Oracle database for all LOB columns within a table and transparently encrypts/decrypts data, backups, and redo/undo log files.