The proposed methods protect networks of client devices connected to a server containing physical unclonable functions, by generating session keys for secure cryptographic protocols. Hostile servers without known physical unclonable functions cannot generate these session keys, thereby are not trust-worthy to the client devices. During an initial set up cycle, each client device selects a set of passwords, and picks a first set of random numbers to hash these passwords multiple times. The resulting sets of message digests are converted by the server into sets of instructions to generate some responses from the physical functions; these initial responses are stored for future reference by the server. The client device picks a second set of random numbers smaller than the first set and repeat of the same scheme; the session keys are computed from the differences between both sets of random numbers. The sever can also get access independently to the session keys by finding a group of responses from its physical function that is similar to the initial responses. The proposed pseudo-homomorphic computations never disclose to the server the set of original passwords. We are suggesting ways to optimize the levels of protections and the performance of the session key generation in terms of latencies and entropy.