Recently, Tseng et al. proposed a novel key agreement protocol based on chaotic maps. They claimed that their protocol achieved the session key agreement between server and users with user's anonymity and security. Although Niu and Wang proposed a new improvement, the presented scheme involved an additional participant, the trusted party, in such a way that the system cost raised a lot. To inherit the superiority of Tseng et al. but remove the security weaknesses, it is worthwhile to point out the kernel of drawback in the scheme of Tseng et al. and, further, propose a security-enhanced scheme by overcoming the drawback with slight modifications. Copyright © 2012 John Wiley & Sons, Ltd.