openpgp card and basiccard RNG

Kostantinos Koukopoulos koukopoulos at
Mon Feb 3 14:33:17 CET 2014

Aparrently the OpenPGP card is based on BasicCard [1] and from the
BasicCard FAQ [2] I read:
"For Enhanced BasicCards, the card has no hardware generator. The Enhanced
BasicCards contain a unique manufacturing number which cannot be read from
outside the card. The Rnd function uses this number to generate random
numbers which are different for each card.

For Professional and MultiApplication BasicCards, the random number is
generated by use of a hardware random number generator."

Does anybody know which version of BasicCard is used for the OpenPGP cards
distributed by If it is the Enhanced version, does the
use of a pseudorandom generator pose a security risk?



|/ |/ Konstantinos <koukopoulos at>
|\ |\ Koukopoulos <>

VSRE messages are welcome*, Thanks!
* for more information see:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140203/8c944742/attachment.html>

More information about the Gnupg-users mailing list