Random numbers are static.

[JanisErdmanis]

If one considers a static random number in the signature an intelligent briber could lookup into a random number which was in the public key registration signature.

A possible solution to the problem:

• Make random numbers with a hashing function hash(random,count) where the count is an internal counter of the card.

[JanisErdmanis]

Proof for entropy inclusion can solve this problem elegantly. Hardware currently is not in the foreseeable future, though.