In this paper, a novel and more robust mutual authentication and key exchange protocol based on the elliptic curve discrete logarithm problem is proposed. It is a two-party protocol in which the server first authenticates itself to the client, and the client then authenticates itself to the server, over an untrusted and unsecured network before the session key is generated. Many protocols have been proposed previously, but none of them provides forward secrecy and resistance to dictionary attacks in an efficient manner. This paper provides a new, efficient and robust mutual authentication and session key exchange protocol for high-security web applications.