Recently, there has been rapid growth in the Internet of things, the Internet of vehicles, fog computing, and social Internet of vehicles , which can generate large amounts of real-time data. Now, researchers have begun applying fog computing to the to reduce the computing pressure on cloud servers. However, there are still security challenges in . In this paper, we propose a lightweight and authenticated key agreement protocol based on fog nodes in . The protocol completes the mutual authentication between entities and generates the session key for subsequent communication. Through a formal analysis of the Burrows–Abadi–Needham (BAN) logic, real-oracle random (ROR) model, and ProVerif, the security, validity, and correctness of the proposed protocol are demonstrated. In addition, informal security analysis shows that our proposed protocol can resist known security attacks. We also evaluate the performance of the proposed protocol and show that it achieves better performance in terms of computing power and communication cost.