Some notes on best practise when using JSON Web Tokens (as defined in RFC 7519)

Best Practise

• Allowlist algorithms - a blocklist can be bypassed by malforming unwanted algorithms (eg. ‘NoNe’)
• Signature. Use asymmetric:
  • ES256 (faster) or
  • RS256 (more widely supported)
• Why use asymmetric signing?
  • easier to keep the secret secret
  • proves it was signed by the real signer
• If you really have to use symmetric, use ephemeral secrets
• Always validate the token
• JWT can be used for access or ID - check the expected usage
• Of course, never include confidential information in the JWT itself

Common Exploits

• CVE-2015-2591: alg:none
• CVE-2016-10555: RSA/HMAC-SHA public key mismatch
• CVE 2018-0114: key injection
• CVE-2019-20933: blank password
• CVE-2020-28042: null signature

Sources & More Info

• This presentation by Philippe De Ryck
• The OWASP Testing Guide