Diagram of RSASSA-PSS according to PKCS #1 v2.1


RSA-PSS is an improved padding scheme for the RSA cryptosystem. I investigated the use of RSA-PSS in my diploma thesis. I also created an implementation of RSASSA-PSS X.509 signatures according to RFC 3447 and RFC 4055 for the nss library during the Google Summer of Code 2010.


RSA-PSS – Provably secure RSA Signatures and their Implementation (PDF) (latex sources)
(contains some minor corrections, original I submitted to my university + source)
Slides from talk about thesis as PDF
Slides from 2 minute talk (Gong show) as OpenDocument and as PDF

Thesis was supervised by Prof. Dr. Ernst-Günter Giessmann. Second corrector was Prof. Dr. Johannes Köbler.

nss implementation

During the Google Summer of Code 2010 I created an implementation of RSASSA-PSS signatures for X.509 for the nss library, which is used by Mozilla Firefox and many other applications. The project was mentored by nss developer Wan-Teh Chang.

The code is not yet completely included in the nss codebase, progress is tracked in Mozilla's Bugzilla.

Latest patchset and patched nss source

Online test

To test the PSS capabilities of your webbrowser, you can visit

https://rsapss.hboeck.de/ssl/ (Note: most of these tests are currently broken)

There you will find a couple of test https connections with X.509 certificates signed by my own test CA with PSS and other uncommon algorithms.


Some links regarding PSS:

PSS sample certificates and some info by Martin Kaiser
Original PSS papers by Mihir Bellare and Philipp Rogaway
RFC 3447 - PKCS #1 v2.1 - the basic cryptographic primitives for RSASSA-PSS
RFC 4055 - RSASSA-PSS in X.509
RFC 5756 - Minor updates to RFC 4055
RFC 4056 - RSASSA-PSS in Cryptographic Message Syntax (CMS) and S/MIME
Proposal for PSS in XMLDSig

Hanno Böck

Creative Commons Lizenzvertrag