View article

Ensuring security to IoT devices is important in order to provide privacy and quality of services. Proposing a security solution is considered an important step towards achieving protection, however, proving the soundness of the solution is also crucial. In this paper, we propose a methodology for the performance evaluation of lightweight IoT-based authentication protocols based on execution time. Then, a formal verification test is conducted on a lightweight protocol proposed in the literature. The formal verification test conducted with Scyther tool proofs that the model provides mutual authentication, authorization, integrity, confidentiality, non-repudiation, and accountability. The protocol also was proven to provide protection from various attacks.