Protocols for session key agreement and authentication in a communication system such as a portable communication system make use of public key cryptographic techniques. The protocols of the present invention are especially suited for use in a portable communication system because portable telephones are required by the inventive protocols to perform only a minimal amount of processing, while assigning the heavier computations to the network. The inventive protocols also authenticate the weaker (i.e. portable) side. The protocols also ensure that a third party cannot trace the location of a user by eavesdropping on a radio signal transmitted by a portable telephone.