A first network node (100; 200) is configured to, —compute a first shared key (245) to protect confidentiality from the first identity of the second network node and the local key material to protect confidentiality of the first network node, —compute a second shared key (246) to protect integrity from the second identity of the second network node and the local key material to protect integrity of the first network node, —encrypt a message using the first shared key, and —compute a first message authentication code over the message using the second shared key.