The Internet of Things is the next generation computing paradigm that promises to improve our lives based on intelligent smart devices. A popular application field of the Internet of Things is the smart home. Smart home devices promise to save energy and money for homeowners. But the devices collect very sensitive and private data and transmit them over an unsecured wireless channel. Thus almost all the homeowners fear leakage of their personal information. However, most security schemes related to authentication and key agreement are based upon a burdensome premise that at least one device can access to the Internet and it is necessary to do off-line work for pre-shared key distribution. Many advanced countries have transformed themselves into the nations with high-speed Internet market penetration rate. But there are still many countries not like that. This thesis introduces lightweight and secure authentication and session key establishment scheme for a common home environment where commercial internet network is not established or for people who want to build their smart home without access to the Internet. The proposed scheme only considers indoor wireless network environment without secure channel. In this situation, the proposed scheme builds secure communication environment by help of new designed components: DNA to Protein scheme using the concept of secure hardware, operation filter for updating partial area of core information. The security analysis of AVISPA tools prove the safety of the proposed authentication and key agreement scheme. The result of performance analysis shows that proposed scheme requires reasonable storage consumption and communication costs.