The invention discloses an SA (security association) negotiation method, device and system. The method includes the steps: a key server generates a private key for a communication initiator and a private key for a communication responder; the communication initiator and the communication responder encrypt digital digests of respective messages, to be transmitted, into signatures through the respective private keys, respectively; the signatures are packaged in the messages, to be transmitted, and transmitted to the other parity; the communication initiator and the communication responder determine each other's public keys and use the public keys and the received signatures in the messages to authenticate each other. Through the use of the SA negotiation method, device and system, the problems that an SA negotiation implementation process is complex and communication load is high can be solved; security supervision and lawful interception can be performed on deployment of communication of an IPSec (internet protocol security) protocol network.