Diagram of RSASSA-PSS according to PKCS #1 v2.1


RSA-PSS is an improved padding scheme for the RSA cryptosystem. I investigated the use of RSA-PSS in my diploma thesis. I also created an implementation of RSASSA-PSS X.509 signatures according to RFC 3447 and RFC 4055 for the nss library during the Google Summer of Code 2010.


RSA-PSS – Provably secure RSA Signatures and their Implementation (PDF) (latex sources)
(contains some minor corrections, original I submitted to my university + source)
Slides from talk about thesis as PDF
Slides from 2 minute talk (Gong show) as OpenDocument and as PDF

Thesis was supervised by Prof. Dr. Ernst-Günter Giessmann. Second corrector was Prof. Dr. Johannes Köbler.

nss implementation

During the Google Summer of Code 2010 I created an implementation of RSASSA-PSS signatures for X.509 for the nss library, which is used by Mozilla Firefox and many other applications. The project was mentored by nss developer Wan-Teh Chang.

The code is not yet completely included in the nss codebase, progress is tracked in Mozilla's Bugzilla.

Latest patchset and patched nss source

Online test

Sorry, I have taken down the PSS test, it was too bothersome to maintain.


Some links regarding PSS:

PSS sample certificates and some info by Martin Kaiser
Original PSS papers by Mihir Bellare and Philipp Rogaway
RFC 3447 - PKCS #1 v2.1 - the basic cryptographic primitives for RSASSA-PSS
RFC 4055 - RSASSA-PSS in X.509
RFC 5756 - Minor updates to RFC 4055
RFC 4056 - RSASSA-PSS in Cryptographic Message Syntax (CMS) and S/MIME
Proposal for PSS in XMLDSig

Hanno Böck

Creative Commons Lizenzvertrag