In order to verify that they possess a common secret key K, entities A and B use a public hash function h. The following protocol is used:
i. A sends h(h(K)) to B.
ii. B verifies that the received value is correct.
iii. B sends h(K) to A.
iv. A verifies that the received value is correct.
(a) Why not have A send h(K) to B and then have B send h(h(K)) to A?
(b) What keeps C from intercepting A's transmission of h(h(K)) and then sending h(K) back to A (assuming C doesn't know K)?
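
The protocol above and the two situations the questions ask about, as an added Python example that is not part of the original exercise. It assumes SHA-256 for h and a constructed key; the names Party, run_protocol and the two *_without_key helpers are hypothetical.

```python
import hashlib
import hmac

def h(data: bytes) -> bytes:
    # Public hash h. SHA-256 is an assumption; the exercise names no hash.
    return hashlib.sha256(data).digest()

class Party:
    def __init__(self, key: bytes):
        self.key = key

    def first_message(self) -> bytes:              # step i: A -> B
        return h(h(self.key))

    def accepts_first(self, msg: bytes) -> bool:   # step ii: B checks
        return hmac.compare_digest(msg, h(h(self.key)))

    def second_message(self) -> bytes:             # step iii: B -> A
        return h(self.key)

    def accepts_second(self, msg: bytes) -> bool:  # step iv: A checks
        return hmac.compare_digest(msg, h(self.key))

def run_protocol(a: Party, b: Party) -> bool:
    # Steps i-iv in order; True only if both checks pass.
    m1 = a.first_message()
    if not b.accepts_first(m1):
        return False
    return a.accepts_second(b.second_message())

def reversed_order_reply_without_key(a: Party) -> bool:
    # Question (a): if A sent h(K) first, the expected reply h(h(K)) is the
    # public h applied to the observed message, so it proves nothing about K.
    observed = h(a.key)
    reply = h(observed)
    return hmac.compare_digest(reply, h(h(a.key)))

def original_order_replies_without_key(a: Party) -> list:
    # Question (b): from h(h(K)) alone, C can echo it or hash it again;
    # producing h(K) would mean inverting h. A rejects both candidates.
    observed = a.first_message()
    return [a.accepts_second(observed), a.accepts_second(h(observed))]

K = b"constructed-demo-key"  # constructed sample key, not from the exercise

if __name__ == "__main__":
    print("same key:", run_protocol(Party(K), Party(K)))
    print("different key:", run_protocol(Party(K), Party(b"other-key")))
    print("reversed order, reply without K accepted:", reversed_order_reply_without_key(Party(K)))
    print("original order, replies without K accepted:", original_order_replies_without_key(Party(K)))
```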