An encrypted/authenticated mobile application part (MAP) protocol message is sent between a first network element (42A) of a first telecommunications network (40A) and a second network element (42B) of a second telecommunications network (40B). The first network element uses a master security association to derive a connection-specific security association, and includes in the encrypted/authenticated MAP message a parameter obtained from the connection-specific security association. Upon receipt at the second network element, the master security association is used to derive a connection-specific security association for use by the second network element. The second network element uses the connection-specific security association to decrypt/decode the MAP message.