A protocol (i.e. method) and corresponding apparatuses for calculating a session key. Two peers with knowledge of a common Diffie-Hellman permanent key, K.sub.perm, and the identity and public key of the other peer. A first peer chooses a first ephemeral private key x and calculates the first corresponding ephemeral public key g.sup.x, which is sent to the second peer. The second peer calculates a second ephemeral public key g.sup.y in the same manner, and an ephemeral shared key K.sub.eph, hashes g.sup.y, K.sub.eph, K.sub.perm, and its identity, and sends g.sup.y and the hash to the first peer. The first peer calculates K.sub.eph, verifies the hash, and hashes g.sup.x, K.sub.eph, K.sub.perm, and its identity, and sends it to the second peer that verifies this hash. Thereafter, both peers obtain a session key by hashing K.sub.eph. The apparatuses may then use the session key to establish a secure authenticated channel (SAC).