There is unanimous consensus that cyber security in the Internet of Things (IoT) is necessary. In cyber security, key establishment is one of the toughest problems. It is even more challenging in resource-constrained but Internet-connected IoT devices that use low-power wireless communication. A number of IoT communication protocols define cryptographic mechanisms for confidentiality and integrity services but do not specify key management. For example, IEEE 802.15.4, RPL, and object security all rely on external key management protocols. Due to the lack of automatic key management support, IoT devices either end up using preshared keys or no security at all. In this paper, we overcome these challenges and present TinyIKE, a lightweight adaptation of Internet Key Exchange version 2 (IKEv2) for the IoT. Using TinyIKE, we solve the key establishment problem for multiple IoT protocols using a single IKEv2-based solution. We implement TinyIKE for resource-constrained IoT devices that run the Contiki OS. The TinyIKE implementation supports full certificate-based IKEv2 that uses elliptic curve cryptography. In order to ensure the feasibility of TinyIKE in the IoT, we perform an extensive evaluation of TinyIKE using a setup consisting of real IoT hardware.