initialling SAM (Secure ACCESS MODULE)

Question

I'm working on the AFC (automatic fare collection) system which required a SAM( secure access module) for key management.system works fine with local key management in MCU and I don't have any experience in using SAM.SAM required to install beside MCU as main reader controller & contactless card reader chip(PCD).

1. Is used protocol based on the smart card ISO7816?Am i true?
2. As i know SAMs are part of SMART cards family,are a SAM javacard or there are javacard SAM and non javacard SAM?
3. is there upper level standard used for communicating with SAMs(based on iso7816 ) or each manufacturer use its own protocol?
4. whats different between SAM and usual GSM SIM-CARD? and can i use a GSM-SIMCARD instead of SAM?
5. is there any standard use case for process of key management in smart cards ? wbr

Answer 1

A SAM may be a smart card or another chip like a trusted platform module. A TPM is addressed using an API, see here.

SAMs are seldom required, so there are no domain independent standards how to address these.

If a smart card is used, then 7816 is obviously the way to go. A native smart card is also perfectly possible as SAM, especially if Perform Security Operation command of ISO 7816-8 is supported.

A typical SAM command is "encrypt these data with your (say AES) key number 1". A typical SIM card will have no command for it.

You have to collect the use cases you are interested in by yourself. Some ideas:

• encrypt these data
• decrypt this cryptogram
• compute or verify this message authentication ocde
• derive session key
• replace key data of existing key