To ensure the communication security in a public network, a hierarchical identity-based key agreement protocol based on the present identity-based cryptosystem is proposed in this paper. The new protocol which is able to solve the problem of the certification transfering and verifying in the traditional public key cryptosystem efficiently achieves all of the known security attributes and can be achieved in the state-of-art speed which can meet the demand of large scale network applications.