The authentication mechanism in IPv6 over low-power wireless personal area networks (6LoWPAN) uses media access control identifier and IPv6 address. The traditional wireless sensor network considers three-factor authentication mechanism. These factors, namely, username, password, and biometric create a huge overhead in Internet of things due to resource-constraint devices in terms of low memory and processing capabilities. In this article, we propose a lightweight key exchange and authentication scheme for 6LoWPAN to efficiently authenticate the resource-constraint sensor devices. The proposed scheme uses hash-based approaches in the setup and registration phase to reduce the computational cost and resource consumption overhead. The analytical results over the automated validation of internet security protocols and applications and ProVerif tools validate the security claim of the proposed scheme against threats like replay and man-in-the-middle attack. Furthermore, we analyze the logic correctness of the proposed authentication scheme using Burrows-Abadi-Needham logic.