Generalizing Needham-Schroeder-Lowe for Multi-Party Authentication

The authors propose a protocol for multi-party authentication for any number of parties, which generalizes the well-known Needham-Schroeder-Lowe protocol. They show that the protocol satisfies authentication of the communicating parties (by proving injective synchronisation) and secrecy of the generated challenges. For p parties, the protocol consists of 2p-1 messages, which they show to be the minimal number of messages required to achieve the desired security properties in the presence of a Dolev-Yao style intruder. The underlying communication structure of the generalized protocol can serve as the backbone of a range of authentication protocols.