ZigBee is considered as the best and most streamlined option available for Internet of Things devices. However, its protection system has security weaknesses, particularly regarding the key derivation and management mechanisms. In this paper, we propose a security framework for ZigBee networks based on a new key management and authentication architecture to cope with the well-known attacks: eavesdropping, Man-in-the-Middle, node tampering and especially attacks that attempt to expose the secret keys. For performance and robustness reasons, our work uses the elliptic curves cryptography to generate cryptographic keys. Moreover, an end to end authentication method is adapted to allow data integrity and users authentication. Security analysis and performance evaluations show that our new keying algorithm performs better in terms of computational time and energy consumption, it is resource efficient and it can resist many kinds of attacks