Abstract
Many recent research efforts in computer security focus on constructing provably secure authentication protocols. Although many of the resulting protocols rely on the a priori secure distribution of secret keys, no provably secure key distribution protocols have yet been demonstrated. In this paper, we use an existing secure two-party authentication protocol as a stepping stone for constructing a series of simple and secure key distribution protocols. The protocols are shown to satisfy desired security requirements, using the security properties of the underlying authentication protocol.