In this paper we propose a two-pass hybrid key distribution and authentication protocol. The proposed protocol minimizes the number of message exchanges and the key management problem as it eliminates KDC, by using both symmetric-key and asymmetric-key schemes. In addition, it guarantees explicit entity and key authentication via a signature scheme based on elliptic curve cryptosystems (ECC) whose efficiency is superior to existing signature schemes with only two-message exchanges. As each entity has the same number of exponential operations, it also guarantees load balance among each entity’s processing. We present proofs of security of our protocol using the formal methods Casper and FDR. The proposed protocol can be efficiently applied to various communication systems in distributed computing environments.