Device-to-Device (D2D) communications have emerged as a promising technology for the next generation mobile communication networks and wireless systems (5G). As an underlay network of conventional cellular networks (LTE or LTE-Advanced), D2D communications have shown great potential in improving communication capability and fostering multifarious new applications and services. However, new application scenarios and system architecture expose establishment of D2D communications into unique security threats. Therefore, it is necessary to take security requirements into the design of D2D communications in order to ensure security and correct operations of the network. In this paper, we proposed a Universal Authentication and Key Agreement protocol for D2D communications (UAKA-D2D) to achieve secure communication session establishment, where user roaming and inter-operator operation are considered. Our protocol adopts Diffie-Hellman Key Exchange algorithm (DHKE) to achieve privacy preserving session key generation and employs message authentication code to achieve mutual authentication between D2D users. The security of the proposed protocol is analyzed theoretically and verified by a formal security verification tool. Finally, we evaluated the performance of the protocol in terms of computation and communication costs based on extensive analysis and simulations. The results show the efficiency and practicality of the proposed protocol.