diff --git a/pass/app/Crypto.js b/pass/app/Crypto.js
index 5985c775908b9d43c9e09d506cba5fc3c68c3077..bff2b96e45871ba05d7bea622f006822549575c9 100644
--- a/pass/app/Crypto.js
+++ b/pass/app/Crypto.js
@@ -73,28 +73,38 @@ class Crypto {
    *
    * @param {String} blinded_token
    * @param {NodeRSA} private_key
-   * @returns {BigInteger}
+   * @returns {Promise<BigInteger>}
    */
-  sign(blinded_token, private_key) {
-    return BlindSignature.sign({
+  async sign(blinded_token, private_key) {
+    let min_ms = 150;
+    let start = dayjs();
+    let signature = BlindSignature.sign({
       blinded: new BigInteger(blinded_token),
       key: private_key,
     });
+    let missing_ms = Math.max(min_ms - dayjs().diff(start, "millisecond"), 0);
+    await new Promise((resolve) => setTimeout(resolve, missing_ms));
+    return signature;
   }
 
   /**
    *
    * @param {String} token
-   * @param {String} expiration
+   * @param {String} date
    */
-  async validateToken(token, signature, expiration) {
-    let date = dayjs(expiration, this.#dayjs_format);
-    let private_key = await this.get_private_key(date);
-    return BlindSignature.verify2({
+  async validateToken(token, signature, date) {
+    let min_ms = 150;
+    let start = dayjs();
+    let current_date = dayjs(date, this.#dayjs_format);
+    let private_key = await this.get_private_key(current_date);
+    let verification_result = BlindSignature.verify2({
       unblinded: signature,
       key: private_key,
       message: token,
     });
+    let missing_ms = Math.max(min_ms - dayjs().diff(start, "millisecond"), 0);
+    await new Promise((resolve) => setTimeout(resolve, missing_ms));
+    return verification_result;
   }
 
   async validateMetaGerPassCode(