The invention discloses a lightweight key dynamically variable data encryption device and method. The lightweight dynamic key data encryption device comprises a server and nodes; wherein the server comprises a key generation module, a key synchronization module, an encryption and decryption module and a key updating module; and the node comprises a key requesting module, a key synchronization module and an encryption and decryption module. After the node initiates a session request, the server generates a session key (second key) if the identity is valid; then the synchronization of the secondkey is completed through two times of encrypted communication, and two-way data encryption communication is performed; the second key generation, synchronization and data communication steps are repeated after a key updating cycle until the communication is completed. The XOR operation is used in the encryption and decryption process, therefore, the operate mode is simplified; and the second keysynchronization, updating and data encryption and decryption are realized under the condition of little consumption of node resources, therefore, the contradiction between the limited Internet of things node resources and energy consumption and the complex security algorithm is effectively solved; meanwhile, the key length and updating cycle are variable, therefore, the difficulty of deciphering is increased, and the communication security can be protected better.