JSON Web Signature (JWS)

JSON Web Signature (JWS) is a standard (RFC 7515) for digitally signing arbitrary content using JSON-based data structures. Most JWTs use JWS to provide integrity protection and sender authentication.

Structure

JWS uses the familiar three-part JWT structure:

BASE64URL(header).BASE64URL(payload).BASE64URL(signature)

// The signature is computed over:
signature = HMAC-SHA256(
  base64url(header) + "." + base64url(payload),
  secret
)

Signing Algorithms

• Symmetric (HMAC): HS256, HS384, HS512 - shared secret
• Asymmetric (RSA): RS256, RS384, RS512 - public/private keypair
• Asymmetric (ECDSA): ES256, ES384, ES512 - elliptic curve
• None: Unsecured JWT (dangerous!)

Symmetric vs Asymmetric

// HMAC (symmetric) - same key for sign and verify
// Good for: Single service, internal APIs
signature = HMAC(payload, shared_secret)

// RSA (asymmetric) - private key signs, public verifies
// Good for: Distributed systems, public verification
signature = RSA_Sign(payload, private_key)
verify = RSA_Verify(payload, signature, public_key)

Security Considerations

• Always verify signatures before trusting payload
• Validate the algorithm header (prevent algorithm confusion)
• Reject "none" algorithm in production
• Use appropriate key lengths (256+ bits for HMAC)

See Also

• JSON Web Token (JWT)
• JSON Web Encryption (JWE)
• JWT Algorithm Confusion Attack