Questions tagged [jwt]

JWT stands for JSON Web Token. The format is defined in RFC 7519: JSON Web Token (JWT).

As section 3 of the RFC puts it, "JWTs represent a set of claims as a JSON object that is encoded in a JWS and/or JWE structure." The claims are name/value pairs where the name is a string and the value can be any JSON value. JWT is part of the JOSE family of specifications, which also defines JWS (JSON Web Signature, RFC 7515) and JWE (JSON Web Encryption, RFC 7516); a signed JWT is a JWS whose payload is the claims object.
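The structure the tag description summarizes, as an added example that is not part of the original page: a minimal HS256 (HMAC-SHA256) signer and verifier written against Python's standard library only. It base64url-encodes the header and claims without padding as RFC 7515 requires, signs `header.payload` with HMAC, and on verification pins the algorithm instead of trusting the token's `alg` header, compares the MAC in constant time, and checks `exp`. The secret key and claims are constructed sample values, and `InvalidToken` and the function names are this example's own, not from any library.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed sample secret for the example; a real deployment would use a
# randomly generated key of at least 32 bytes kept out of source control.
SECRET_KEY = b"example-32-byte-secret-key-1234567"


class InvalidToken(Exception):
    """Raised for any token that must be rejected (malformed, forged, expired)."""


def b64url_encode(data: bytes) -> str:
    # RFC 7515 section 2: base64url with the trailing '=' padding removed.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    # Re-add padding so the standard decoder accepts the unpadded segment.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _compact_json(obj: dict) -> bytes:
    # Compact separators keep the token short; key order is preserved as given.
    return json.dumps(obj, separators=(",", ":")).encode("utf-8")


def sign_hs256(claims: dict, key: bytes) -> str:
    """Produce header.payload.signature for the given claims under HS256."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = b64url_encode(_compact_json(header)) + "." + b64url_encode(_compact_json(claims))
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(mac)


def verify_hs256(token: str, key: bytes, now=None) -> dict:
    """Return the claims of a valid HS256 token; raise InvalidToken otherwise."""
    parts = token.split(".")
    if len(parts) != 3:
        raise InvalidToken("expected three dot-separated segments")
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(b64url_decode(header_b64))
    except ValueError:  # covers bad base64 and bad JSON
        raise InvalidToken("malformed header")
    # The verifier decides the algorithm; a header saying 'none' or a public-key
    # algorithm must not change how the signature is checked.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise InvalidToken("unsupported alg %r" % (header.get("alg") if isinstance(header, dict) else None))
    expected = hmac.new(key, (header_b64 + "." + payload_b64).encode("ascii"), hashlib.sha256).digest()
    try:
        presented = b64url_decode(sig_b64)
    except ValueError:
        raise InvalidToken("malformed signature")
    # Constant-time comparison so a forger cannot time byte-by-byte matches.
    if not hmac.compare_digest(expected, presented):
        raise InvalidToken("bad signature")
    try:
        claims = json.loads(b64url_decode(payload_b64))
    except ValueError:
        raise InvalidToken("malformed payload")
    if not isinstance(claims, dict):
        raise InvalidToken("claims must be a JSON object")
    now = time.time() if now is None else now
    if "exp" in claims and now >= claims["exp"]:
        raise InvalidToken("token expired")
    return claims


def is_valid(token: str, key: bytes, now=None) -> bool:
    """Boolean wrapper around verify_hs256 for callers that only need accept/reject."""
    try:
        verify_hs256(token, key, now)
        return True
    except InvalidToken:
        return False


if __name__ == "__main__":
    # Constructed claims with a fixed clock so the output is reproducible.
    claims = {"sub": "alice", "iat": 1700000000, "exp": 1700003600}
    token = sign_hs256(claims, SECRET_KEY)
    print(token)
    print(verify_hs256(token, SECRET_KEY, now=1700000100))
    # Forgery attempt: same header and signature, edited payload -> rejected.
    h, _, s = token.split(".")
    forged = h + "." + b64url_encode(_compact_json({"sub": "admin", "exp": 1700003600})) + "." + s
    print("forged accepted:", is_valid(forged, SECRET_KEY, now=1700000100))
    # 'alg': 'none' attempt with an empty signature -> rejected.
    none_token = b64url_encode(_compact_json({"alg": "none"})) + "." + token.split(".")[1] + "."
    print("alg=none accepted:", is_valid(none_token, SECRET_KEY, now=1700000100))
```

The verifier never reads the algorithm from the token to select a check; that is the behaviour that separates a safe JWT library from the historical "alg confusion" bugs, and it is why `verify_hs256` takes the key type for granted rather than switching on `header["alg"]`.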

36 questions
39 votes, 2 answers

HMAC vs ECDSA for JWT

I will be implementing JSON web tokens into my website and have a question about implementing them. I have a choice of using two algorithms, HMAC-SHA256 and ECDSA-SHA256. I have used HMAC-SHA256 in the past for jwt, but now I noticed ECDSA is being…
user2924127
24 votes, 1 answer

How can one validate with a public key a JWT signature generated with a private key?

As I understand it, a JSON Web Token (JWT) consists of 3 parts: the header, specifying the hashing algorithm to use for the signature; the payload itself; and the signature, which is a hash of the header and the payload using the specified hashing…
10 votes, 1 answer

HMAC-SHA256 vs HMAC-SHA512 for JWT API authentication

Which algorithm is recommended to use when encoding / decoding JWT web application tokens? Is using HMAC-SHA256 enough or would using HMAC-SHA512 provide more security? And on 64-bit machines, is it true that HMAC-SHA512 is faster than HMAC-SHA256?
W.M.
9 votes, 1 answer

What are the advantages and disadvantages of the digital signature algorithms for JWT?

I am using a Java JWT library jose4j. There is a list of digital signatures algorithms which can be used. HMAC using SHA-2 RSASSA-PKCS1-V1_5 Digital Signatures with SHA-2 Elliptic Curve Digital Signatures (ECDSA) with SHA-2 RSASSA-PSS Digital…
4 votes, 4 answers

JWT Login Security

I am new to security and I am wondering if JWT is secure enough. From what I have read online the flow goes like this: Clients log in by sending their credentials to the identity provider. The identity provider verifies the credentials; if all is…
3 votes, 1 answer

A way to get the public key of a RS256 JWT from its headers and payload?

I have a RS256 JWT, I'd like to find out its public key. Because I know the header, payload and I have the encrypted signature, is there a way to obtain the public key that made the signature from these elements?
hmngwn
3 votes, 1 answer

Does the signature length of RS256 depend on the size of the RSA key used for signing?

The following NodeJS code, when run (v16.8.0), logs 512 to stdout. const crypto = require("crypto"); const { privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 4096, }); const sign =…
Otto
3 votes, 1 answer

What is a "set synchronized CSPRNG"?

I'm looking to implement a performant revocation method for JWTs. I'm reading a paper, in which the following section's second paragraph states: If we use the client hashing approach described previously, we have a greater volume of keys to deal…
Nick Bull
3 votes, 1 answer

AES-CBC then SHA vs AES-GCM for encrypting and authenticating a web token

I am trying to have something like JWT but kinda ad hoc and encrypted. The token itself is simply a stringified JSON that contains the user ID and Unix timestamp. Now, I tried to use AES-128-GCM, however I did some simple modification in the…
pls no
3 votes, 1 answer

Compromise between HMAC and Digital Signature, by encrypting and sending secret key?

For achieving stateless authentication tokens (like JWT), is there a compromise between the performance of HMAC, and public key distribution of Digital Signature? Scenario: Sender is a centralized authentication server. Receiver is…
user29944
3 votes, 1 answer

best HMACSHA signed JWT secret length

I would like to use JWT but one thing I'm still thinking about is: what is the best length for the secret? If I'm using HS512 as a signing method the secret should have a length of 512 bits as far as I understand and I imagine that 512 bits are 64…
Clara Raquel
2 votes, 0 answers

How many JWT tokens may be securely generated with one secret?

I can remember from my crypto classes, that there is a limit on how many blocks can be securely encrypted with the same key. Before we reach the limit, we should rotate the key. Does it also hold true to JWT tokens? Is there a limit of token count,…
Marek Puchalski
2 votes, 1 answer

Are there any security drawbacks for simply encrypting and MACing my JWS token (JWT)?

This question, while related, doesn't answer the security aspect I have in mind. I understand that signatures make it impossible for the tokens to be modified. But if I want the JWS token content to be non-visible, I keep hearing people mention JWE.…
2 votes, 1 answer

JWT Common Practices

I had a few questions in regards to certain practices used by JWT developers. I'm relatively new to both encryption and JWTs and the context given is for developing a system on nodejs. How should verification work? Should I look at the JWT's…
Scetra
2 votes, 2 answers

sign a JWT with RS256 using a RSA-PSS SHA256 key pair?

Given a private key using algorithm RSA-PSS with SHA256 is it possible to use this key to sign a JWT using algorithm RS256 (RSA with SHA256) instead of PS256 (RSA-PSS with SHA256)? The German government seems to be of the opinion it is possible and…
Basti