© 2020 IEEE.The Internet of Things (IoT) is a network of physical devices with embedded technology, such as sensors, RFID and network connectivity, to communicate with other devices or external environments. Such devices have intelligent features for collecting, analyzing and even making decisions without any human interaction. Security is an important requirement in such cases, and authentication is of paramount importance, especially in view of the damage that may result from an unauthenticated malicious device in an IoT system. This paper provides a secure and energy-efcient user authentication protocol proposed to address the above-mentioned issue in the IoT network, which consists of reasonable computing power and a number of resource constrained nodes. A new energy consumption model is presented considering the distance between the devices. With this method, authentication mechanism is combined with the idea of an effective mechanism. The cost of the scheme is analyzed by testing the resistance of the schema to conventional attack types.