Key Distribution Center (KDC) concept

TTP is responsible for bridging the gap between peers.

• A and B don’t have any shared information.

• A and B have shared information with TTP.

Why KDC?

Because a TTP can distribute a session key to A and B to prove each other's identity.

• Session key $K_{AB}$

  • It is temporary (only for one session).

• A uses $K_{AB}$ to prove its identity is B.

• B uses $K_{AB}$ to prove its identity is A.

The proofs by A and B can be made in different ways.

• Only at the beginning of a session.

• On each interaction in a session.

Session key distribution

Example

SAML Web Browser SSO Profile