A Key Distribution Center (KDC) is a central authority that manages keys for the individual computers (nodes) in a computer network. It is similar in concept to the Authentication Server (AS) and Ticket Granting Server (TGS) in Kerberos.
The basic idea is that every node shares a unique secret key with the KDC: A shares a secret key KA with the KDC and, similarly, B is assumed to share a secret key KB with the KDC.
Whenever user A wants to communicate securely with user B, the following happens:
A sends a request to the KDC, encrypted with KA, which includes:
(a) The identities of A and B
(b) A random number R, called a nonce
The KDC responds with a message encrypted with KA, containing:
(a) A one-time symmetric key KS
(b) The original request that was sent by A, for verification
(c) KS encrypted with KB, and the ID of A encrypted with KB
A and B can now communicate by using KS for encryption.
This is depicted in the figure below.
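The exchange described above, as an added example that is not part of the original answer: it shows why the KDC echoes A's request (a reply replayed from an earlier run carries the wrong nonce and is rejected) and why only B can open the part encrypted with KB. Assumptions: the function names are hypothetical, `seal`/`unseal` are a standard-library stand-in for a real authenticated cipher, A's identity is sent in clear so the KDC can select KA, and A forwards the KB-encrypted part to B.

```python
import hashlib, hmac, json, secrets

def _stream(key, iv, n):
    # SHA-256 in counter mode as a keystream (illustration only, not a vetted cipher)
    blocks = (hashlib.sha256(b"enc" + key + iv + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    # Encrypt-then-MAC a JSON object; stands in for a real AEAD such as AES-GCM
    iv, pt = secrets.token_bytes(16), json.dumps(obj).encode()
    ct = bytes(p ^ s for p, s in zip(pt, _stream(key, iv, len(pt))))
    return iv + ct + hmac.new(key, iv + ct, hashlib.sha256).digest()

def unseal(key, blob):
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, iv + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(c ^ s for c, s in zip(ct, _stream(key, iv, len(ct)))))

# Long-term keys KA and KB, each shared between one node and the KDC
KEYS = {"A": secrets.token_bytes(32), "B": secrets.token_bytes(32)}

def make_request(src, dst):
    # Identities of A and B plus a fresh nonce R
    return {"from": src, "to": dst, "nonce": secrets.token_hex(16)}

def kdc_respond(sender, blob):
    req = unseal(KEYS[sender], blob)        # fails unless sealed with the sender's key
    if req["from"] != sender:
        raise ValueError("identity mismatch")
    ks = secrets.token_hex(32)              # one-time session key KS
    ticket = seal(KEYS[req["to"]], {"ks": ks, "peer": req["from"]})  # KS and ID of A under KB
    return seal(KEYS[sender], {"ks": ks, "request": req, "ticket": ticket.hex()})

def a_accept(req, reply_blob):
    reply = unseal(KEYS["A"], reply_blob)
    if reply["request"] != req:             # echoed request, including R, must match
        raise ValueError("reply does not answer this request (possible replay)")
    return reply["ks"], bytes.fromhex(reply["ticket"])

def b_accept(ticket):
    return unseal(KEYS["B"], ticket)        # B learns KS and which peer it is for

if __name__ == "__main__":
    req = make_request("A", "B")
    ks, ticket = a_accept(req, kdc_respond("A", seal(KEYS["A"], req)))
    print("B holds the same KS:", b_accept(ticket) == {"ks": ks, "peer": "A"})
```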