Wireless Sensor Network (WSN) is developing rapidly and used extensively in various critical applications like military, health, environment etc. Sometimes, the WSN is indiscriminately deployed in unattended hostile terrains such as border or remote region where besides energy efficiency, security is another important issue to be addressed. The adversary can have unauthorised access which can lead to tampering, modification, interception, eavesdropping etc.With the intention of improving the energy efficacy of WSN, clustering methods are developed, but dynamic behaviour of sensor nodes with limited storage and processing makes security a more challenging problem as resource intensive security solutions are not feasible in practical scenario. Key management is capable of addressing this problem by protecting the network from different attacks. In this paper, a highly secure Codeword Authenticated Key Exchange (CAKE) protocol is proposed which is based on one-way hashing with one time password and codeword authentication. BAN logic and Random Oracle Model are used for formal proof, and AVISPA tool is used for simulating the proposed work. CAKE is compared with other existing mutual authentication schemes which depicts significant reduction in computational time and energy consumption. The proposed protocol preserves Confidentiality, Integrity, and mutual authentication and can counter several attacks like offline guessing attack, replay attack, Dos attack, impersonation attack etc. and preserve perfect forward secrecy making the protocol suitable for various WSN applications.