How To Get Session Key After Successful SAM Authentication

// Expert user has replied.
A Alan Dimaano 3 years 7 months ago
31 1 0

How can I get the session key generated after a successful SAM authentication?
 
Is there an API for this under the MifareSam class?
 
The command SAM_AuthenticateHost (INS=A4h) is used to run a
mutual authentication between SAM and host system. It consists of three parts.
Such an authentication proves that both the SAM and the host contains the same
keys. At the end of the authentication, session keys for secure messaging are
generated.
 
I believe I need that key to make a successful MifareDesfire authentication. As a data input in dataInput for the SamDiverseParams?
 
Help is very much appreciated. Thanks.

Please Register or Login to post a reply

1 Replies

M Marek Trusinski

The first step you are doing is authenticating host with the Mifare SAM. It is a mutual 3-pass authentication between the MIFARE SAM AV2 and host system.
In this procedure both the PICC as well as the MIFARE SAM AV2  prove that both the MIFARE SAM AV2 and the host contain the same secret,  a DES, TDEA or AES key.
This procedure not only confirms that both entities are permitted to do operations on each other but also automatically creates a session key which can be used to keep the further communication path secure. As
the name ‘session key’ implicitly indicates, each time a new authentication procedure is successfully completed a new key for further cryptographic operations is obtained.

CONTACT
Can’t find what you’re looking for?