The cryptographic protocols used in these systems typically use symmetric keys (e.g., DES). The security is hierarchical in nature. In other words, there are devices which have the capability of generating their own keys, whereas devices higher up in the hierarchy can generate keys of devices immediately lower in rank using identification information of the lower ranked device. For example, a smartcard is lower ranked than a Purchase Security Access Module(PSAM). The PSAM has a global key K, whereas the purse just has a derived key f(K,ID), where f is a predefined one-way function, and ID is the identification number of the smartcard. The PSAM can dynamically generate the derived key once it has the identification of the smartcard.
In general, the keys are ``segmented'' for further security. In such a scheme there maybe many global keys for a particular device class. In this abstract we will simplify the presentation by assuming no segmentation of keys.
We now turn to the description of some of the ``native'' card-based system protocols, and the transfer protocol between systems.