Wireless Sensor Networks (WSNs) using the enormous amount of sensor nodes and data aggregation techniques to gather data (temperature, humidity, pressure, acoustic, etc.) from the surrounding environment. However, sensor nodes are often limited by constrained power, computational ability, and storage. Also, all the messages in the network are all transmitted through a public channel, it means that the messages sent by sensor nodes could be eavesdropped, intercepted, or tampered, which will lead to the network security being compromised. Therefore, in this paper, we propose a cluster-based lightweight secure sensed data aggregation scheme. By dividing sensor nodes in a WSN into multiple clusters, combining special routing strategy, and using inter-cluster data forwarding, we increase the efficiency of data collection. Furthermore, we use ECQV technique to achieve an efficient authentication. Our scheme makes two arbitrary sensor nodes exchange ECQV implicit certificate to each other to complete mutual authentication without getting involved with the base station and also adds random number into transmitted messages. Hence, we can effectively resist replay attack, asynchronous attack, impersonation attack, and man-in-the-middle attack. With the above security mechanism, we can prevent attackers from impersonating sensor nodes or replaying messages to bypass authentication. Eventually, we can provide a secure and efficient data aggregation scheme for WSNs. Finally, the performance and security analyses show that the proposed scheme can provide the most complete security for a data aggregation technique, verify the source of messages, and effectively protect the sensed data transmitted in the network, with just a little bit of performance sacrificed. That is to say, the proposed scheme can achieve the best balance between performance and security.