Controller Area Network (CAN) is a serial communication protocol for distributed real-time control systems. Its high reliability and low cost enable it to be widely implemented in various domains such as automotive, avionics, and maritime networks. However, security mechanisms were not implemented during the design of the CAN protocol, which resulted in many attacks such as CAN injection. These attacks enable attackers to steal vehicles, change their states, and gain remote access to their control systems. Literature review reports that current CAN's security protocols experienced lack of security robustness or efficiency due to the constrained environment of the CAN. This paper introduces A Lightweight Robust Encryption and Authentication Protocol (LiREAP), that addresses security vulnerabilities in the CAN protocol while preserving its performance. The proposed protocol adopts Ascon, the upcoming NIST standard for lightweight cryptography, to achieve both confidentiality and integrity for CAN data. A hash chain mechanism is implemented for session key generation. In addition, a challenge-response two-factor authentication mechanism (CR2AM) is designed for session key distribution. The proposed protocol is designed to work harmonically with the standard CAN protocol that enables only 8 bytes for the data field. The conducted theoretical analysis of the proposed protocol reports its ability to provide robust security level with minimum overhead that meet the high-speed requirements in-vehicle communication. Compared to the current protocols, the proposed one efficiently fill the security gap of the CAN with very low overhead cost.