With the increasing number of vehicles connected to the Internet of Vehicles (IoV), to accommodate the evolving needs and patterns of new vehicles, passengers, and drivers, traditional single Trusted Authority (TA) authentication model may no longer be suitable for the IoV scenario, it is crucial to develop secure, lightweight, efficient, and cross-TA identity authentication and key agreement algorithms. In 2021, Xu et al. proposed a blockchain-based Roadside Unit (RSU)-assisted authentication and key agreement protocol for IoV. However, we describe that their protocol is vulnerable to identity guessing attacks, vehicle forgery attacks, and lacks of session key security and known session key secrecy, and propose a novel blockchain and elliptic curve cryptography-based cross-TA authentication and key agreement protocol for IoV. Our protocol uses Physical Unclonable Functions (PUF) and biometric keys to resist RSU capture attacks and Onboard Unit (OBU) intrusion attacks. Formal security proof and comparative analysis indicate that the proposed protocol can resist various known attacks and maintains lower computational complexity.