Aiming at the security problems in the Internet of things, the end to end security architecture of Internet of things is proposed based on recursive encryption algorithm (ESARE). Architecture model is used to bridge the server and client state, object security concepts and related data are used to describe the communication terminal, Constrained Application Protocol (CoAP) is used to issue a certificate to the limited node authorization server, and access key is subscribed by a client, so as to ensure the client can request resources from the restricted CoAP node based on recursive encryption. The experimental results show that ESARE is superior to Datagram Transport Layer Security (DTLS) and DNS-SEC security schemes in terms of computational overhead, response latency and security performance.