It is possible to consider any combination of the goals or subgoals from key establishment and from entity authentication. There are also goals which go beyond both good key and entity authentication which are termed here enhanced goals. Which are the useful goals to aim for? To answer this question we must examine what is the purpose to go beyond key establishment. A protocol that provides only key establishment gives no assurance that the partner with whom communication is desired even exists. Thus key establishment only provides the ability to engage in secure communication. Enhanced goals seek to establish the readiness of the partner to engage in secure communication. Since the extensional goal for entity authentication proposed above deals with exactly this concern it is natural that enhanced goals should include entity authentication together with key establishment.
Key confirmation provides evidence that the partner has the same key but leaves open the possibility that the key is intended by the partner for a different communication session (with the assumption that the partner may be engaged in several conversations). Key confirmation provides evidence that the partner wishes to communicate with some entity, so implies liveness but may not include entity authentication.
Mutual belief in the key, following SVO6, adds to key confirmation that B associates key K with A . (Actually, SVO6 does not require the good key property, but seems of little value if it does not also hold.) It provides both key confirmation and entity authentication since if the partner has acknowledged that the key is good for the communication this can be taken as a confirmation that the partner is willing to communicate.
Figure 1: Hierarchy of Extensional Goals
The hierarchy of goals is shown in figure 1 as a lattice. Entity authentication and its two subgoals are classed as user oriented goals, while good key and its subgoals are key oriented. Mutual belief and key confirmation are classed as extended goals which concern both keys and users. Of course this hierarchy does not show all possible extensional goals. The ones shown appear to be some of the most important ones considered in the literature. As an example of a goal which is not included, there is an enhanced goal that lies between key confirmation and mutual belief, which provides key confirmation and entity authentication but does not provide assurance that the key is known by the partner to be good.