Authentication
Anonymous key exchange, like Diffie-Hellman, does not provide authentication of the parties, and is thus vulnerable to Man-in-the-middle attacks.
A wide variety of cryptographic authentication schemes and protocols have been developed to provide authenticated key agreement to prevent man-in-the-middle and related attacks. These methods generally mathematically bind the agreed key to other agreed-upon data, such as the following:
- Public/private key pairs
- Shared secret keys
- Passwords
Read more about this topic: Key-agreement Protocol