Author: Mihir Bellare and Phillip Rogaway
Reference: Proc. 27th Annual Symposium on the Theory of Computing, ACM, 1995.
Abstract: We study session key distribution in the three-party setting of Needham and Schroeder. (This is the trust model assumed by the popular Kerberos authentication system.) Such protocols are basic building blocks for contemporary distributed systems- yet the underlying problem has, up until now, lacked a definition or provably-good solution. One consequence is that incorrect protocols have proliferated. This paper provides the first treatment of this problem in the complexity-theoretic framework of modern cryptography. We present a definition, protocol, and a proof that the protocol satisfies the definition, assuming the (minimal) assumption of a pseudorandom function. When this assumption is appropriately instantiated, our protocols are simple and efficient.
Full version available in PostScript or gzipped PostScript.
Rogaway's home page.