Internet of things (IoT) is the integration of computer-based systems and the physical world in which things

interact with each other. Due to heterogeneity and resource-constrained feature of IoT devices, there are

many privacy and security challenges resulting in many threat vulnerabilities in IoT environments. After

reviewing and analyzing the recent IoT security, privacy, and authentication protocols, we will withdraw

research gaps focused on the elimination of human factors in IoT authentication. In order to fill these

research gaps, this paper proposes a privacy-preserving machine authenticated key agreement based on

IoT, denoted as IoTMAKA. IoTMAKA uses dynamic identity and machine fingerprint to provide security and

privacy. Security analysis shows that IoTMAKA provides anonymity and untraceability, provides freshness,

and is secure against passive and active attacks. IoTMAKA reduces communication overheads by 20% and

computational overheads by 25% on average as compared to the previous related works.