A protocol for secure peer-to-peer communications is established based on existing cryptographic techniques and encryption algorithms. The peers (120, 130, 140) and a central security agent (110) undergo mutual authentication. A newly generated nonce is used for authentication, and a random session key is used for a session. The security agent (110) generates unique session keys for communication between peers (120, 130, 140). The security agent (110) removes the burden of mutual authentication between requested peer (130, 140) and the requesting peer (120), as the security agent (110) independently authenticates the requesting peer (120) and the requested peer (130, 140). The requested peer (130, 140) and the requesting peer (120) are sent a session key by the security agent (110).