On 16/12/16 02:30, sivmu wrote: > If the token does the encryption (and signing) operations,
Smartcards perform signing and DEcryption (which in the case of RSA are mathematically identical). > it needs randomness. That's true of DSA and ElGamal, but smartcards normally implement RSA. Remember also that PGP uses a two-step encryption process. The random symmetric session key is generated on the host rather than the smartcard, and the secure hash used in signing is deterministic. The smartcard itself only RSA-decrypts the session key (or hash), and this doesn't require an RNG. Andrew.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
