If you can decode JWT, how are they secure?


Question

If I get a JWT and I can decode the payload, how is that secure? Couldn't I just grab the token out of the header, decode and change the user information in the payload, and send it back with the same correct encoded secret?

I know they must be secure, but I just would really like to understand the technologies. What am I missing?

Recommended answer

JWTs can be either signed, encrypted, or both. If a token is signed but not encrypted, everyone can read its contents, but when you don't know the private key, you can't change it. Otherwise, the receiver will notice that the signature won't match anymore.

Answer to your comment: I'm not sure if I understand your comment the right way. Just to be sure: do you know and understand digital signatures? I'll just briefly explain one variant (HMAC, which is symmetric, but there are many others).

Let's assume Alice wants to send a JWT to Bob. They both know some shared secret. Mallory doesn't know that secret, but wants to interfere and change the JWT. To prevent that, Alice calculates Hash(payload + secret) and appends this as the signature.

When receiving the message, Bob can also calculate Hash(payload + secret) to check whether the signature matches. If, however, Mallory changes something in the content, she isn't able to calculate the matching signature (which would be Hash(newContent + secret)). She doesn't know the secret and has no way of finding it out. This means that if she changes something, the signature won't match anymore, and Bob will simply not accept the JWT.

Let's suppose I send another person the message {"id":1} and sign it with Hash(content + secret) (+ is just concatenation here). I use the SHA256 hash function, and the signature I get is: 330e7b0775561c6e95797d4dd306a150046e239986f0a1373230fda0235bda8c. Now it's your turn: play the role of Mallory and try to sign the message {"id":2}. You can't, because you don't know which secret I used. If I suppose that the recipient knows the secret, he CAN calculate the signature of any message and check if it's correct.
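The scenario in the answer, carried through with a real HS256 JWT, as an added example that is not part of the original post. It follows the JWS layout (base64url(header).base64url(payload).base64url(HMAC-SHA256 over the first two parts)) rather than the answer's simplified Hash(payload + secret); the secret value, the `mallory-guess` key and the `{"id": 1}` payload are constructed for the demo. Besides showing that the payload is readable by anyone and that a modified payload fails verification, the verifier pins the algorithm itself instead of trusting the token's `alg` header, and compares signatures in constant time; both are checks a production verifier needs.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo secret. In practice this is a random key of at least 32
# bytes loaded from a secret store, never a literal in source.
SECRET = b"demo-shared-secret-do-not-use"


def b64url_encode(data: bytes) -> str:
    """Base64url without padding, as JWS requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """Inverse of b64url_encode; restores the padding base64 needs."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def compact_json(obj: dict) -> bytes:
    return json.dumps(obj, separators=(",", ":")).encode("utf-8")


def sign_hs256(payload: dict, secret: bytes) -> str:
    """Alice's side: header.payload, then HMAC-SHA256 over that string."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = b64url_encode(compact_json(header)) + "." + b64url_encode(compact_json(payload))
    sig = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


def decode_unverified(token: str) -> dict:
    """What anyone, including Mallory, can do: the payload is encoded, not encrypted."""
    _, payload_b64, _ = token.split(".")
    return json.loads(b64url_decode(payload_b64))


def verify_hs256(token: str, secret: bytes) -> dict:
    """Bob's side: return the payload only if the signature checks out.

    The verifier decides which algorithm is acceptable; it never lets the
    token's own "alg" field pick one (that is what makes "alg":"none" or an
    algorithm swap fail here).
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg: %r" % header.get("alg"))
    signing_input = (header_b64 + "." + payload_b64).encode("ascii")
    expected = hmac.new(secret, signing_input, hashlib.sha256).digest()
    # Constant-time compare, so timing does not leak how many bytes matched.
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("signature mismatch")
    return json.loads(b64url_decode(payload_b64))


def accepts(token: str, secret: bytes) -> bool:
    try:
        verify_hs256(token, secret)
        return True
    except ValueError:
        return False


def tamper_payload(token: str, new_payload: dict) -> str:
    """Mallory's attempt: swap the payload but keep Alice's signature."""
    header_b64, _, sig_b64 = token.split(".")
    return header_b64 + "." + b64url_encode(compact_json(new_payload)) + "." + sig_b64


def demo() -> dict:
    """Run the Alice/Bob/Mallory scenario and report each outcome."""
    token = sign_hs256({"id": 1}, SECRET)
    out = {"anyone_can_read": decode_unverified(token)}
    out["bob_accepts"] = accepts(token, SECRET)
    # 1. Edit the payload, reuse the old signature.
    out["forged_rejected"] = not accepts(tamper_payload(token, {"id": 2}), SECRET)
    # 2. Re-sign {"id":2} with a guessed secret.
    out["wrong_key_rejected"] = not accepts(sign_hs256({"id": 2}, b"mallory-guess"), SECRET)
    # 3. Claim "alg":"none" with an empty signature.
    none_token = b64url_encode(compact_json({"alg": "none"})) + "." + b64url_encode(compact_json({"id": 2})) + "."
    out["alg_none_rejected"] = not accepts(none_token, SECRET)
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Note that "readable" and "forgeable" are independent properties: `decode_unverified` recovers `{"id": 1}` from the token with no key at all, which is why secrets such as passwords must never go into a signed-only JWT, while every one of Mallory's three attempts is rejected because she cannot produce an HMAC under a key she does not hold.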

