JWT With RSA Signing

I’ve lost count of the number of times I’ve advised companies to stop using HMAC in signing of JWT tokens. Why? Because they often just use a simple password to generate the HMAC key, and where an intruder could discover the password and sign valid tokens. Along with this, every verifer also typically contains the secret passphrase, or where it can be discovered from analysing the application code. In one case, the developers were actually using “password” to generate the HMAC key — I discovered this by purely analysing the generated token. In one case, I also found the secret pass phrase that was used to generate the HMAC key on a public GitHub.

Overall, in many cases, RSA encryption for the signing is the most secure. This is especially true where we do not want to store our signing key on a service which checks the token. So, in this case, we will generate an RSA key pair, and sign the token with our private key, and then use the public key to verify it:

In this case, we have a JSON data format for the token with a subject, audience, and issuer (ISS), and where Bob signs with his private key, and then Alice proves the signer on the token with his public key. This method differs from HMAC signing, and where Bob…