A collegue and myself have been trying to understand how jwt tokens verify tokens, but from our reading we seem to be confusing ourselves. Please can someone help confirm whether my thinking is correct <ul> <li>Tokens are signed using the private key. The signature is a combination of the header and payload encrypted using the private key and added to the jwt as the last part, the signature.</li> <li>In order to verify the token the receiver can replicate this process using the public key. They encrypt the header and payload to see if it the same as the signature. Note this is not decryption. The receiver is not decrypting the token (this is the main thing we are unsure of). -The receiver cannot issue new tokens as they do not have the private key to encrypt a new token with.</li> </ul> I have read the jwt documentation on both RS256 and HS256 and still struggling to confirm my thinking, hence the post.

Tokens can be digitally signed using a key pair, private and public, or hashed using a secret key: <ul> <li><code>RS256</code> :RSA KeyPair with SHA256. Token is signed with private key and verified using the public </li> <li><code>HS256</code>: HMAC key with SHA256. The key is the same to sign and verify</li> </ul> A compact JWT looks like this <code>hhhhh.ppppp.sssss</code> <ul> <li><code>hhhhh</code>: Header of JWT, includes the algorithm used to sign the token. e.g <code>{"alg":"RS256","typ":"JWT"}</code>. Encoded in base64url</li> <li><code>ppppp</code>: Payload of JWT, include some useful claims like <code>sub</code>, <code>iss</code> or <code>exp</code>. Encoded in base64url</li> <li><code>sssss</code>: Signature of JWT , performed on the concatenation of the base64 url encoding of header and payload using the specified algorithm and encoded in base64. E.g <code>b64(signature(hhhhhh.pppppp))</code></li> </ul> Answering your question, you are refering to <code>RS256</code> using a key pair where the client verifies the token using the public key (a verification with HMAC key would mean client and server share the key) The token is signed (not encrypted) with the algorithm I wrote above. To verify, the client verifies that signature match with the first part of the token <code>hhhhhh.pppppp</code> using the provided public key. Digital signature verification is a standard operation supported in all modern languages. Note that is not the same as encryption/decryption

Verifying jwt tokens [rsa]

Tags:

cryptography

jwt

digital-signature

A collegue and myself have been trying to understand how jwt tokens verify tokens, but from our reading we seem to be confusing ourselves.

Please can someone help confirm whether my thinking is correct

Tokens are signed using the private key. The signature is a combination of the header and payload encrypted using the private key and added to the jwt as the last part, the signature.
In order to verify the token the receiver can replicate this process using the public key. They encrypt the header and payload to see if it the same as the signature. Note this is not decryption. The receiver is not decrypting the token (this is the main thing we are unsure of). -The receiver cannot issue new tokens as they do not have the private key to encrypt a new token with.

I have read the jwt documentation on both RS256 and HS256 and still struggling to confirm my thinking, hence the post.

765

asked Mar 07 '17 09:03

Ryan-Neal Mes

1 Answers

Tokens can be digitally signed using a key pair, private and public, or hashed using a secret key:

RS256 :RSA KeyPair with SHA256. Token is signed with private key and verified using the public
HS256: HMAC key with SHA256. The key is the same to sign and verify

A compact JWT looks like this hhhhh.ppppp.sssss

hhhhh: Header of JWT, includes the algorithm used to sign the token. e.g {"alg":"RS256","typ":"JWT"}. Encoded in base64url
ppppp: Payload of JWT, include some useful claims like sub, iss or exp. Encoded in base64url
sssss: Signature of JWT , performed on the concatenation of the base64 url encoding of header and payload using the specified algorithm and encoded in base64. E.g b64(signature(hhhhhh.pppppp))

Answering your question, you are refering to RS256 using a key pair where the client verifies the token using the public key (a verification with HMAC key would mean client and server share the key)

The token is signed (not encrypted) with the algorithm I wrote above. To verify, the client verifies that signature match with the first part of the token hhhhhh.pppppp using the provided public key. Digital signature verification is a standard operation supported in all modern languages. Note that is not the same as encryption/decryption

139

answered Oct 03 '22 20:10

pedrofb

Related questions
                            
                                Single block AES decryption in Ruby
                            
                                How would an efficient OAuth2.0 server / provider work?
                            
                                Protecting crypto keys in RAM?
                            
                                AES256 Encryption/Decryption in both NodeJS and C#
                            
                                How to do Diffie Hellman Key Generation and retrieve raw key bytes in Java
                            
                                Which exponentiation algorithms do CPU/programming languages use? [closed]
                            
                                AES 256 encryption PHP with Padding
                            
                                How to hash int/long using hashlib in Python?
                            
                                Golang signing a struct using rsa
                            
                                AES 256 in CTR mode [closed]
                            
                                Using hash of password with SSL
                            
                                How do I encode passwords in web forms without javascript?
                            
                                Rijndal Algorithm using C#
                            
                                El Gamal faster than RSA with the same modulus length?
                            
                                MD5 hash salting - where to store salt
                            
                                DH Key Agreement in Java: why generated keys are mostly equal for both parties?
                            
                                Cryptography vs Hashing
                            
                                Calculating multiplicative inverse in a finite field
                            
                                Utilizing PBKDF2 with OpenSSL library
                            
                                Select different padding modes in OpenSSL commands

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With