RSASSA-PSS

RSA-PSS

 * PKCS #1 2.1
 * RFC 3447 - Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1
 * RFC 4055 - RSASSA-PSS in X.509 / SSL and RFC 5756 contains some updates
 * openssl-patch to verify RSASSA-PSS
 * Sample signatures with RSASSA-PSS


 * vulnerability in openssl that would've been impossible with pss, NIST on that attack
 * Algorithmenkatalog BNetzA, pkcs #1 1.5 recommended until 2013/2014
 * On the security of RSA padding, Coron, Stern, Naccache
 * Only mentioning of PSS on nss mailing list archive
 * PSS at RSA Inc.
 * PSS in xmldsig
 * CWE about usage of OAEP
 * Weakness in ISO 9796 padding
 * Bleichenbacher attack on old padding
 * probably inofficial document at nist claiming 2012 for pss
 * PolarSSL forum discussion

GnuPG

 * http://lists.gnupg.org/pipermail/gcrypt-devel/2009-August/001473.html patch for OAEP

MGF1

 * test vectors in bouncycastle

OpenSSL

 * some documentation

Rabin Williams

 * Discussion about RW in PKCS #1 2.1
 * Discussion about RW for dnssec