Smartcards and tokens

Andrew Gallagher andrewg at andrewg.com
Fri Dec 16 13:36:19 CET 2016


On 16/12/16 02:30, sivmu wrote:
> If the token does the encryption (and signing) operations,

Smartcards perform signing and DEcryption (which in the case of RSA are
mathematically identical).

> it needs randomness.

That's true of DSA and ElGamal, but smartcards normally implement RSA.

Remember also that PGP uses a two-step encryption process. The random
symmetric session key is generated on the host rather than the
smartcard, and the secure hash used in signing is deterministic.

The smartcard itself only RSA-decrypts the session key (or hash), and
this doesn't require an RNG.

Andrew.
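
The split described in the message above, sketched as an added example that is not part of the original post or of GnuPG: the host draws the random session key and computes the deterministic hash, while the card applies one and the same private-key operation for both decryption and signing. It assumes textbook RSA with no padding (real OpenPGP pads the input), a constructed toy key, a truncated hash, and hypothetical function names.

```python
import hashlib
import secrets

# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by the "card"


def card_private_op(x: int) -> int:
    """The card's single operation: x^D mod N. It draws no random numbers."""
    return pow(x, D, N)


def host_wrap_session_key():
    """Host side: the RNG is used here to pick the symmetric session key."""
    session_key = secrets.randbits(128)
    return session_key, pow(session_key, E, N)


def host_digest(message: bytes) -> int:
    """Host side: deterministic hash (truncated so it fits the toy modulus)."""
    return int.from_bytes(hashlib.sha256(message).digest()[:16], "big")


def decrypt_session_key(wrapped: int) -> int:
    # Decryption is the private-key operation applied to the wrapped key.
    return card_private_op(wrapped)


def sign(message: bytes) -> int:
    # Signing is the same private-key operation applied to the hash.
    return card_private_op(host_digest(message))


def verify(message: bytes, signature: int) -> bool:
    return pow(signature, E, N) == host_digest(message)


if __name__ == "__main__":
    key, wrapped = host_wrap_session_key()
    print("session key recovered:", decrypt_session_key(wrapped) == key)
    sig = sign(b"constructed sample message")
    print("signature verifies:", verify(b"constructed sample message", sig))
    print("signature repeatable:", sig == sign(b"constructed sample message"))
```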

