Hi, I'm a student in computer science and I plan do my study thesis about RSA-PSS. Part of that could be implementing PSS in an open source project.
A bit of background about PSS: Implementing RSA in real-world applications needs some kind of padding. Older methods, like the widespread pkcs #1 v1.5, have been designed without any proof for their security. For PSS, it's possible to proove (in a random oracle model) that it's security is directly related to the security of RSA. RSA-PSS is standardzied in pkcs #1 v2.1 (also published as RFC 3447), but not very widely in use at the moment. The openssl project is working on an implementation and some experimental patches exist. So I had the idea implementing RSA-PSS signature validation in NSS as a google summer of code project. The only bit of information about nss and pss was this old mailing list post: http://groups.google.com/group/mozilla.dev.tech.crypto/browse_thread/thread/5d2faba3e71f2bb5/6bdca2a80a17d18a?lnk=gst&q=pss#6bdca2a80a17d18a What would people think about that? Is it too much/too little for a SoC- project? Is it something nss / the mozilla project would welcome? cu, -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: ha...@hboeck.de http://schokokeks.org - professional webhosting
signature.asc
Description: This is a digitally signed message part.
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
