A secure roaming protocol for mobile networks is proposed. Roaming has been analysed in some schemes from the security point of view; however, there are vulnerabilities in most of them and so the claimed security level is not achieved. The scheme offered by Wan et al. recently is based on hierarchical identity-based encryption, in which the roaming user and the foreign network mutually authenticate each other without the help of the home network. Although the idea behind this proposal is interesting, it contradicts technical considerations such as routing and billing. The proposed protocol makes use of similar functions used in Wan et al.'s scheme but contributes a distinguished structure that overcomes the previous shortcomings and achieves a higher possible level of security in mobile roaming as well as enhancing the security of the key issuing procedure.