Wireless sensor networks (WSNs) are the key technological building block of Internet of Things (IoT), by which remote users can access the real-time data from the sensor nodes. Due to the openness and mobility of such network, it is essential to establish secure links for end-to-end communication with proper authentication. Although amount of research works in this area have been made, so far designing a secure and efficient authenticated key exchange (AKE) protocol for this setting is still an open topic. So, the authors in this paper design a two-factor AKE protocol using elliptic curve cryptography (ECC) for WSNs in the context of IoT, allowing the end users and sensor nodes to exchange information directly after a secure link is established with the help of the corresponding gateway node. The heuristic security analysis has shown that the new protocol can provide various expected security attributes and resist various known attacks. Moreover, the performance study states that the new protocol is efficient enough and has certain efficiency advantages in the aspects of computation and communication costs compared with the same type of ECC-based AKE protocols for IoT applications.

无线传感器网络（WSN）是物联网（IoT）的关键技术构建块，远程用户可以通过该模块访问传感器节点的实时数据。由于这种网络的开放性和移动性，因此必须建立具有正确身份验证的端到端通信的安全链接，这一点至关重要。尽管已经在该领域进行了大量研究工作，但是到目前为止，针对此设置设计安全有效的认证密钥交换（AKE）协议仍然是一个开放主题。因此，本文作者在物联网环境下为WSN设计了一个使用椭圆曲线密码学（ECC）的两因素AKE协议，允许最终用户和传感器节点在安全链接的帮助下直接建立交换信息。相应的网关节点。启发式安全性分析表明，新协议可以提供各种预期的安全性并抵抗各种已知的攻击。此外，性能研究表明，与用于物联网应用的相同类型的基于ECC的AKE协议相比，新协议足够高效，并且在计算和通信成本方面具有一定的效率优势。