If you can decode JWT, how are they secure?


Problem description


If I get a JWT and I can decode the payload, how is that secure? Couldn't I just grab the token out of the header, decode and change the user information in the payload, and send it back with the same correct encoded secret?


I know they must be secure, but I just would really like to understand the technologies. What am I missing?

Recommended answer


JWTs can be either signed, encrypted or both. If a token is signed, but not encrypted, everyone can read its contents, but when you don't know the private key, you can't change it. Otherwise, the receiver will notice that the signature won't match anymore.


Answer to your comment: I'm not sure if I understand your comment the right way. Just to be sure: do you know and understand digital signatures? I'll just briefly explain one variant (HMAC, which is symmetrical, but there are many others).


Let's assume Alice wants to send a JWT to Bob. They both know some shared secret. Mallory doesn't know that secret, but wants to interfere and change the JWT. To prevent that, Alice calculates Hash(payload + secret) and appends this as signature.


When receiving the message, Bob can also calculate Hash(payload + secret) to check whether the signature matches. If, however, Mallory changes something in the content, she isn't able to calculate the matching signature (which would be Hash(newContent + secret)). She doesn't know the secret and has no way of finding it out. This means if she changes something, the signature won't match anymore, and Bob will simply not accept the JWT anymore.


Let's suppose I send another person the message {"id":1} and sign it with Hash(content + secret). (+ is just concatenation here.) I use the SHA256 hash function, and the signature I get is: 330e7b0775561c6e95797d4dd306a150046e239986f0a1373230fda0235bda8c. Now it's your turn: play the role of Mallory and try to sign the message {"id":2}. You can't, because you don't know which secret I used. If I suppose that the recipient knows the secret, he CAN calculate the signature of any message and check if it's correct.
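A worked version of the sign-and-check flow the answer describes, added here as an example and not part of the original post: it builds an HS256 JWT (HMAC-SHA256 over the encoded header and payload, the standard form of the answer's Hash(payload + secret) sketch), shows that anyone can decode the payload without the secret, and shows that a payload changed by someone without the secret no longer verifies. The secret value is a constructed placeholder.

```python
import base64
import hashlib
import hmac
import json

# Constructed placeholder secret; a real deployment uses a long random key.
SECRET = b"example-shared-secret-not-for-production"


def _b64url(data: bytes) -> str:
    # JWT uses base64url without '=' padding.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_jwt(payload: dict, secret: bytes) -> str:
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = (_b64url(json.dumps(header, separators=(",", ":")).encode())
                     + "." + _b64url(json.dumps(payload, separators=(",", ":")).encode()))
    sig = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def decode_payload(token: str) -> dict:
    # No secret needed: the payload is only base64url-encoded, not encrypted.
    return json.loads(_b64url_decode(token.split(".")[1]))


def verify_jwt(token: str, secret: bytes) -> bool:
    # Bob's side: recompute the HMAC over header.payload and compare in constant time.
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
    except ValueError:
        return False
    header = json.loads(_b64url_decode(header_b64))
    if header.get("alg") != "HS256":  # only accept the algorithm we expect
        return False
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode("ascii"),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, _b64url_decode(sig_b64))


def swap_payload(token: str, new_payload: dict) -> str:
    # Mallory's position: she can rewrite the payload but must reuse the old signature.
    header_b64, _, sig_b64 = token.split(".")
    new_payload_b64 = _b64url(json.dumps(new_payload, separators=(",", ":")).encode())
    return f"{header_b64}.{new_payload_b64}.{sig_b64}"
```

Running `verify_jwt(swap_payload(sign_jwt({"id": 1}, SECRET), {"id": 2}), SECRET)` returns False even though `decode_payload` of the swapped token happily reads `{"id": 2}`, which is exactly the distinction the answer draws between readable and unforgeable.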
