Abstract
In this paper, we investigate a method by which smart cards can be used to enhance the security of session key distribution in the third-party setting of Needham & Schroeder. We extend the security model of Bellare & Rogaway to take into account both the strengths and weaknesses of smart card technology, we propose a session key distribution protocol, and we prove that it is secure assuming pseudo-random functions exist.