I was reading MIFARE DESFire EV1 document and noticed this:
MIFARE DESFire EV1 and the reader device show in an encrypted way that they possess the same secret which especially means the same key; this not only confirms that both entities are permitted to perform operations on each other but also creates a session key which can be used to keep the further communication path secure; as the name “session key” implicitly indicates, each time a new authentication procedure is successfully completed a new key for further cryptographic operations is generated
The not only part is easy to achieve. In the simplest form, 'server' can throw a random number at the card, and the card can reply with the hash of the secret + the random number.
The but also part, which is the establishment of a session key, is a bit hand-wavy. Since both side already have a common secret, why do you need a session key, and not just use the common secret as a session key?
Note that this question has nothing to do with public key systems or asymmetric encryption or digital signature. In this case, both sides know the same secret.
