The　number　of　Internet　of　things　(IoT)　terminal　devices　is　large　and　the　resources　of　terminal　devices　are　limited.　The　traditional　identity　authentication　protocol　is　difficult　to　meet　the　needs　of　lightweight　and　security　authentication.　This　thesis　proposes　a　lightweight　identity　authentication　protocol　based　on　elliptic　encryption　algorithm.　The　main　body　of　the　protocol　is　divided　into　authorization　center,　authentication　node　and　terminal　devices.　The　authorization　center　plays　the　role　of　trusted　center　(CA)　in　the　traditional　identity　authentication　protocol,　but　it　is　lighter,　You　do　not　have　to　store　certificates　for　each　device.　Zero　knowledge　authorization　protocol　is　adopted　to　reduce　the　risk　of　private　key　exposure　caused　by　key　escrow.　Replace　the　digital　certificate　with　a　lightweight　token,　and　use　the　double　check　method　for　access　authentication　in　combination　with　the　public　key　pair　generated　by　the　terminal　equipment.　Finally,　this　thesis　analyzes　the　security　and　performance　of　the　protocol,　and　proves　that　the　protocol　has　strong　security　and　good　performance.　©　2022　IEEE.