Described are a method for generating a session key on demand in a
network, a computer program element, a computer program product stored on
a computer usable medium, and a computer device for executing the
computer program product. The method generates a session key sk on demand
in a network among n participating network devices with up to a number t
of faulty devices. Each participating network device sends and receives a
series of messages and performs the steps of: a) choosing a private and
public key d_i, e_i according to a public key encryption scheme,
and broadcasting the public key e_i to each participating network
device; b) choosing a local contribution value y_i from a
multiplicative group G_q of size q; c) in each case of receiving the
public key e_j from one of the participating network devices,
encrypting the local contribution value y_i under the received public
key e_j to an encrypted contribution value y_ij and responding to
that participating network device with the encrypted contribution value
y_ij; d) receiving encrypted contribution values y_ji and
deriving decrypted contribution values y_j by applying the private
key d_i; e) deriving a blinded session key bsk_i from the
decrypted contribution values y_j and the local contribution value
y_i; f) agreeing on one of the blinded session keys bsk_j by
using an agreement protocol; and g) deriving the session key sk from the
agreed-on blinded session key bsk_j by applying one of the decrypted
contribution values y_j and the contribution value y_i.