Authentication with key agreement protocol (AKA) can provide mutual authentication and create a session key between two communication parties. In 2005, Chen and Yeh proposed an AKA protocol based on one-way hash function and exclusive-or (XOR) operations. Having the feature of fast processing, their protocol is more efficient than previously related works. However, we discover that Chen and Yeh's protocol cannot withstand denial of service (DoS) attack. Moreover, their protocol has redundant communication rounds such that it is not efficient for mobile devices. Therefore, we propose an efficient AKA protocol for mobile devices in this paper, which has lower computation and communication loads. Moreover, our protocol can prevent DoS attack and does not require a verification table in the server. In a word, our AKA protocol is efficient and practical for mobile devices.