Identity-based authenticated key agreement allows two or more parties to establish secure session keys over insecure channels. Current authenticated key agreement protocols are unable to resist the backdoor attacks that lead to random number disclosure, such as known session-specific temporary attack. Therefore, we propose a reverse firewall protocol for identity-based authenticated key agreement. The protocol is secure under the random oracle model. In addition, it can resist strong temporary session secret value leakage attack and can provide message leakage resistance. Meanwhile, the protocol saves the system’s running time because it does not use bilinear pairing. Finally, we implement the protocol using JPBC library. The experimental results show that the protocol has smaller bandwidth and shorter running time compared with other protocols of the same type. It is very suitable for resource-constrained systems.