To provide secure communication for mobile devices, authenticated key agreement protocol is an important primitive for establishing session key. So far, several protocols have been proposed to provide robust mutual authentication and key establishment for wireless local area network (WLAN). In this paper we present a secure authenticated key agreement (EC-SAKA) protocol based on elliptic curve cryptography. Our proposed protocol provides secure mutual authentication, key establishment and key confirmation over an untrusted network. The new protocol achieves many of the required security and performance properties. It can resist dictionary attacks mounted by either passive or active networks intruders. It can resist man-in-the middle attack. It also offers perfect forward secrecy which protects past sessions and passwords against future compromise. In addition, it can resist known-key and resilience to server attack. Our proposed protocol uses the signature techniques of ECDSA and the authentication protocol SKA concept. We show that our protocol meets the above security attributes under the assumption that the elliptic curve discrete logarithm problem is secure. Our proposed protocol offers significantly improved performance in computational and communication load over comparably many authenticated key agreement protocols such as B-SPEKE, SRP, AMP, PAK-RY, PAK-X, SKA, LR-AKE and EC-SRP.