I m studying for the Key Establishment Using a Key Distribution Center
From my understanding, KDC contains all the users' private keys. For example, If Alice wants to talk with Bob, Alice requests to the KDC by using Request(IDAlice,IDBob) and KDC generates the random session key and encrypts the session key with Alice's Key and Bob's key. Alice receives the encryptwithAliceKey(SessionKey),encryptwithBobKey(SessionKey), decrypts the Alice key to get the session key and use the session key to encrypt the message and send it to Bob encyptwithSessionKey(Message), encryptwithBobKey(SessionKey).
But my question is What if Alice generates the Session key and encrypts it with her Key and sends the request(Encrypt(SessionKey), ID(Alice), and KDC decrypts the SessionKey by using Alice's key and encrypts the session key with the Bob's Key and sends it to Alice back, Alice encrypts the message with her generated session key and send the Bob to the encrypted message and encrypted session key with Bob's key from the KDC
I know the question might not be clear enough so if I make shorter questions what's is the benefit of the session key generated by KDC, not from the Users?
