This protocol provides a standard way for two users to create an authenticated, real-time connection. The end result of this protocol is a session key that is shared by both users. It is known as a three-phase protocol because the two users exchange three packets of data in the process of creating the shared session keys. This is shown in the following illustration.
A variety of key exchange protocols can be implemented by using the CryptoAPI. The protocol discussed here is just one of many possibilities. However, using this particular protocol will tend to increase your application's potential interoperability.
A description of this protocol follows. One of the users is arbitrarily designated the sending user (or sender) and the other the destination user (or receiver).