Javascript Object Signing & Encryption
Aaron Zauner
azet@azet.org
lambda.co.at:
Highly-Available, Scalable & Secure Distributed Systems
DevOps/Security and Web Performance Meetup Vienna -
23/03/2015
Javascript Object Signing & Encryption
Examples
JOSE
Working Group
With the increased usage of JSON in protocols in the IETF and
elsewhere, there is now a desire to offer security services, which use
encryption, digital signatures, message authentication codes (MACs)
algorithms, that carry their data in JSON format.
[. . . ]
This Working Group will standardize the mechanism for integrity
protection (signature and MAC) and encryption as well as the
format for keys and algorithm identifiers to support interoperability
of security services for protocols that use JSON.
https://datatracker.ietf.org/wg/jose/charter/
JOSE
Couple of new IETF standards being worked on to provide a
framework for signatures and/or encryption of JSON data:
JSON Web Key “JWK”
JSON Web Signature “JWS”
JSON Web Encryption “JWE”
(Algorithms defined in JSON Web Algorithms “JWA”)
..it is..
End-to-end (E2E)
Not a replacement for TLS!
JWK: JSON Web Key
Data structures to represent cryptographic keys
Used for JWS and JWE
Keys and Key-Sets
https://tools.ietf.org/html/draft-ietf-jose-json-web-key
JWK: Key
{"kty":"EC",
"crv":"P-256",
"x":"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",
"y":"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0",
"kid":"Public key used in JWS A.3 example"
}
Key Type: EC (Elliptic Curve, Digital Signature Standard)
Curve: NIST P-256
Curve Points x and y
A Key Identifier kid
JWK: Key
Other parameters that can be assigned include:
use: Public Key Use (sig or enc)
key_ops: allowed operations (sign, verify, enc, dec, et cetera)
alg: Intended Algorithm to be used with this Key
x5u: X.509 URL parameter (certificate resource)
x5c: X.509 Certificate Chain
x5t and x5t#S256: X.509 SHA-1 and SHA-2 Thumbprints
..might sound familiar to X.509 certificate extensions.
JWK: JWK Set (Key Set)
ECC and RSA Public Keys:
{"keys":
[
{"kty":"EC",
"crv":"P-256",
"x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
"y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
"use":"enc",
"kid":"1"},
{"kty":"RSA",
"n":"0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
"e":"AQAB",
"alg":"RS256",
"kid":"2011-04-29"}
]
}
JWK: JWK Set (Key Set)
Set of Symmetric Encryption Keys (AES key wrap and HMAC):
{"keys":
[
{"kty":"oct",
"alg":"A128KW",
"k":"GawgguFyGrWKav7AX4VKUg"},
{"kty":"oct",
"k":"AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow",
"kid":"HMAC key used in JWS A.1 example"}
]
}
JWS: JSON Web Signature
Content signed with:
Digital Signature .. or;
Message Authentication Code (MAC)
..thus provides integrity protection.
https://tools.ietf.org/html/draft-ietf-jose-json-web-signature
JWS: JSON Web Signature
JOSE Header (JWS Protected and Unprotected Headers)
JWS Payload
JWS Signature
two serialization formats:
‘compact’: URL-safe (HTTP Auth, URI)
JWS JSON - JSON Objects (values BASE64URL encoded)
JWS: JSON Web Signature
Compact:
BASE64URL(UTF8(JWS Protected Header)) || '.' ||
BASE64URL(JWS Payload) || '.' ||
BASE64URL(JWS Signature)
JSON:
{
"payload":"<payload contents>",
"signatures":[
{"protected":"<integrity-protected header 1 contents>",
"header":<non-integrity-protected header 1 contents>,
"signature":"<signature 1 contents>"},
...
{"protected":"<integrity-protected header N contents>",
"header":<non-integrity-protected header N contents>,
"signature":"<signature N contents>"}]
}
JWS: JSON Web Signature
JSON Web Token Example
Header
Object:
{"typ":"JWT",
"alg":"HS256"}
Encoded:
eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9
JWS: JSON Web Signature
JSON Web Token Example
Payload
Object:
{"iss":"joe",
"exp":1300819380,
"http://example.com/is_root":true}
Encoded:
eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQo
gImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ
JWS: JSON Web Signature
JSON Web Token Example
Header
Payload
Signature
..separated by a dot (.)
Encoded:
eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9
.
eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt
cGxlLmNvbS9pc19yb290Ijp0cnVlfQ
.
dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk
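Added example (not part of the original slides): checking the compact token above against the HMAC key from the symmetric JWK Set slide, using only the Python standard library. The function names and the `now` parameter are assumptions of this sketch; the key, token and claims are the ones shown on the slides.

```python
import base64
import hashlib
import hmac
import json

# Symmetric JWK Set from the slides; "k" is joined across its display break.
JWK_SET = {"keys": [
    {"kty": "oct", "alg": "A128KW", "k": "GawgguFyGrWKav7AX4VKUg"},
    {"kty": "oct",
     "k": "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-"
          "1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow",
     "kid": "HMAC key used in JWS A.1 example"},
]}

# Compact token from the slide above, joined across its display line breaks.
TOKEN = ".".join([
    "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9",
    "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"
    "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ",
    "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk",
])


def b64url_decode(text):
    """Decode BASE64URL without padding, as JOSE uses it."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def b64url_encode(data):
    """Encode to BASE64URL and strip the padding."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def select_key(jwk_set, kid, alg="HS256"):
    """Pick a key by kid and refuse keys whose own metadata forbids this use."""
    for jwk in jwk_set["keys"]:
        if jwk.get("kid") != kid:
            continue
        if jwk.get("kty") != "oct":
            raise ValueError("HS256 needs a symmetric (oct) key")
        if jwk.get("alg", alg) != alg or jwk.get("use", "sig") != "sig":
            raise ValueError("key is not intended for " + alg)
        return b64url_decode(jwk["k"])
    raise KeyError("no key with kid %r" % kid)


def hs256(key, signing_input):
    """HMAC-SHA256 over the JWS signing input."""
    return hmac.new(key, signing_input, hashlib.sha256).digest()


def verify_hs256(token, key, now):
    """Return the claims if MAC and expiry check out, else raise ValueError."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("compact JWS has exactly three parts")
    header_b64, payload_b64, signature_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    # The verifier pins the algorithm; the header only has to agree with it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    # The MAC covers the encoded header and payload exactly as transmitted.
    signing_input = (header_b64 + "." + payload_b64).encode("ascii")
    expected = hs256(key, signing_input)
    if not hmac.compare_digest(expected, b64url_decode(signature_b64)):
        raise ValueError("bad signature")
    # Claims are parsed and trusted only after the MAC has verified.
    claims = json.loads(b64url_decode(payload_b64))
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    return claims


if __name__ == "__main__":
    key = select_key(JWK_SET, "HMAC key used in JWS A.1 example")
    # The example token expired in 2011, so a matching clock value is passed in.
    print(verify_hs256(TOKEN, key, now=1300819000))
```

The `exp` claim on the slide lies in the past, so a real clock value makes the last check fail; that is the intended behaviour for an expired token.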
JWS: JSON Web Signature
Header Parameters
alg: Algorithm identifier for JWS
jku: JWK Set URL
jwk: JSON Web Key (JWK)
kid: Key ID
x5u: X.509 URL
x5c: X.509 Chain
x5t and x5t#S256: X.509 Cert. Thumbprint
typ: “Type” (MIME)
cty: Content Type
crit: “Critical” specifies fields that MUST be protected
JWE: JSON Web Encryption
Format is very similar to JWS, but used for encryption of data
BASE64URL(UTF8(JWE Protected Header)) || '.' ||
BASE64URL(JWE Encrypted Key) || '.' ||
BASE64URL(JWE Initialization Vector) || '.' ||
BASE64URL(JWE Ciphertext) || '.' ||
BASE64URL(JWE Authentication Tag)
https://tools.ietf.org/html/draft-ietf-jose-json-web-encryption
JWE: JSON Web Encryption
Header Parameters
alg: Algorithm identifier for JWE
enc: Content Encryption Algorithm
zip: Compression algorithm to be used
jku: JWK Set URL
jwk: JSON Web Key (JWK)
kid: Key ID
x5u: X.509 URL
x5c: X.509 Chain
x5t and x5t#S256: X.509 Cert. Thumbprint
typ: “Type” (MIME)
cty: Content Type
crit: “Critical” specifies fields that MUST be protected
JWE: JSON Web Encryption
Example (flattened JSON representation):
{
"protected":
"eyJlbmMiOiJBMTI4Q0JDLUhTMjU2In0",
"unprotected":
{"jku":"https://server.example.com/keys.jwks"},
"header":
{"alg":"A128KW","kid":"7"},
"encrypted_key":
"6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ",
"iv":
"AxY8DCtDaGlsbGljb3RoZQ",
"ciphertext":
"KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY",
"tag":
"Mz-VPPyU4RlcuYv1IwIvzw"
}
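Added example (not part of the original slides): a structural check of the flattened JWE object above, run before any decryption is attempted. It merges the three header locations, reports which parameters sit outside the integrity-protected "protected" member, and checks field sizes against the two algorithm identifiers used here. The function names and the size tables are assumptions of this sketch and cover only A128KW and A128CBC-HS256.

```python
import base64
import json

# Flattened JWE JSON object from the slide above.
JWE = {
    "protected": "eyJlbmMiOiJBMTI4Q0JDLUhTMjU2In0",
    "unprotected": {"jku": "https://server.example.com/keys.jwks"},
    "header": {"alg": "A128KW", "kid": "7"},
    "encrypted_key": "6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ",
    "iv": "AxY8DCtDaGlsbGljb3RoZQ",
    "ciphertext": "KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY",
    "tag": "Mz-VPPyU4RlcuYv1IwIvzw",
}

# Byte sizes fixed by the two algorithm identifiers this example uses.
ENC_SIZES = {"A128CBC-HS256": {"cek": 32, "iv": 16, "tag": 16, "block": 16}}
KEY_WRAP_OVERHEAD = {"A128KW": 8}  # AES Key Wrap adds one 64-bit block


def b64url_decode(text):
    """Decode BASE64URL without padding, as JOSE uses it."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def jose_header(jwe):
    """Merge the three header locations; a name may appear in only one."""
    merged = {}
    if jwe.get("protected"):
        merged.update(json.loads(b64url_decode(jwe["protected"])))
    unauthenticated = []
    for location in ("unprotected", "header"):
        for name, value in jwe.get(location, {}).items():
            if name in merged:
                raise ValueError("duplicate header parameter: " + name)
            merged[name] = value
            # Not covered by the authentication tag, so treat as a hint only.
            unauthenticated.append(name)
    return merged, sorted(unauthenticated)


def check_structure(jwe):
    """Validate header and field sizes; return what a decrypter would need."""
    header, unauthenticated = jose_header(jwe)
    if header.get("enc") not in ENC_SIZES:
        raise ValueError("unsupported enc")
    if header.get("alg") not in KEY_WRAP_OVERHEAD:
        raise ValueError("unsupported alg")
    sizes = ENC_SIZES[header["enc"]]
    lengths = {name: len(b64url_decode(jwe[name]))
               for name in ("encrypted_key", "iv", "ciphertext", "tag")}
    wrapped = sizes["cek"] + KEY_WRAP_OVERHEAD[header["alg"]]
    if lengths["encrypted_key"] != wrapped:
        raise ValueError("encrypted_key has the wrong length")
    if lengths["iv"] != sizes["iv"] or lengths["tag"] != sizes["tag"]:
        raise ValueError("iv or tag has the wrong length")
    if lengths["ciphertext"] == 0 or lengths["ciphertext"] % sizes["block"]:
        raise ValueError("ciphertext is not a whole number of blocks")
    return {
        "header": header,
        "unauthenticated": unauthenticated,
        # With no "aad" member, the tag covers the encoded protected header.
        "aad": jwe["protected"].encode("ascii"),
        "lengths": lengths,
    }


if __name__ == "__main__":
    print(check_structure(JWE))
```

In this object only `enc` is integrity-protected; `alg`, `kid` and `jku` are not, so a receiver should select its key and key-wrap algorithm from local policy rather than from those values.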
JWA: JSON Web Algorithms
JWA Specifies a list of crypto primitives (algorithms) to be used
in conjunction with JOSE and their parameters
Not going into that in this talk. Some of them you’ve already
seen in previous examples, if you want more details on the
algorithms that can be used look into the draft
DON’T home-brew your own crypto with these. Use existing,
verified, technologies that build on JOSE
https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms
Running Code
Implementations in all popular languages are available on GitHub!
Python
from time import time

import jose

# Claims carried in the token payload
claims = {
    "iss": "http://www.example.com",
    "exp": int(time()) + 3600,  # expires one hour from now
    "sub": 42,
}
# Symmetric key used for the HS256 MAC
jwk = {"k": "password"}
jws = jose.sign(claims, jwk, alg="HS256")
http://jose.readthedocs.org/en/latest/
Authentication Protocols
OAuth
OpenID / OAuth2.0
..client authentication and authorization can be handled by JOSE /
Web Tokens entirely.
See:
https://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer
https://developers.google.com/accounts/docs/OpenIDConnect
Google Wallet
Google Wallet uses JWT to exchange information between
clients (app) and Server
https://developers.google.com/wallet/instant-buy/about-jwts
ACME / Let’s Encrypt
The protocol that Let’s Encrypt employs (ACME) uses JOSE for
messaging
i.e. claims for certificates / domains and revocation
https://letsencrypt.github.io/acme-spec/
W3C WebCrypto
W3C WebCrypto is a JavaScript API for performing basic
cryptographic operations in web applications
W3C WebCrypto employs JOSE (Key Format, Signatures,
Algorithms)
Thanks for your patience. Are there any questions?
Twitter:
@a_z_e_t
E-Mail:
azet@azet.org
XMPP:
azet@jabber.ccc.de
GitHub:
https://github.com/azet
GPG Fingerprint:
7CB6 197E 385A 02DC 15D8 E223 E4DB 6492 FDB9 B5D5
