1 Reply Latest reply on Apr 21, 2016 9:18 AM by Marek Trusinski

    How To Get Session Key After Successful SAM Authentication

    Alan Dimaano

      How can I get the session key generated after a successful SAM authentication?


      Is there an API for this under the MifareSam class?


      The command SAM_AuthenticateHost (INS=A4h) is used to run a

      mutual authentication between SAM and host system. It consists of three parts.

      Such an authentication proves that both the SAM and the host contains the same

      keys. At the end of the authentication, session keys for secure messaging are



      I believe I need that key to make a successful MifareDesfire authentication. As a data input in dataInput for the SamDiverseParams?


      Help is very much appreciated. Thanks.

        • Re: How To Get Session Key After Successful SAM Authentication
          Marek Trusinski


          The first step you are doing is authenticating host with the Mifare SAM. It is a mutual 3-pass authentication between the MIFARE SAM AV2 and host system.

          In this procedure both the PICC as well as the MIFARE SAM AV2  prove that both the MIFARE SAM AV2 and the host contain the same secret,  a DES, TDEA or AES key.

          This procedure not only confirms that both entities are permitted to do operations on each other but also automatically creates a session key which can be used to keep the further communication path secure. As

          the name ‘session key’ implicitly indicates, each time a new authentication procedure is successfully completed a new key for further cryptographic operations is obtained.