In a client-server network environment, a mutual authentication and key exchange scheme is an important security mechanism to provide two parties with the property that they can authenticate each other's identity while they may construct a common session key. With rapid growth of mobile wireless networks, the computational cost on the client side with low power computing devices is a critical factor of the security scheme design. This paper presents a mutual authentication and key exchange scheme using bilinear pairings. Based on the computational Diffie-Hellman assumption and the random oracle model, we show that the proposed scheme is secure against passive attack, forgery attack and ID attack while it provides mutual authentication, implicit key confirmation and partial forward secrecy. A performance analysis demonstrates that our scheme is well suited for smart cards with limited computing capability.