What are the ideal characteristics of the secret key in HS512 JWT algorithm?
I am generating JWT with the HS512 algorithm.

A secret key is used to sign the header and content. Presently I am using the key as follows: q1w2e3r4t5y6u7i8o9p0

What are the ideal characteristics of the secret key in HS512 JWT algorithm?

For example: Length must be n characters; include upper case, lower case, symbols....?

Aharon answered 15/2, 2022 at 8:27

Ideally your HS512 secret is 512 random bits (64 random bytes). You encode this secret as base64, base64url, or hex for "storage" and then decode it before it's used as a secret.

HS512 is HMAC with SHA-512; a secret shorter than 64 bytes gets padded to 64 bytes, and secrets larger than 64 bytes add no additional security.

You can generate these with openssl, e.g.

openssl rand -hex 64

This will produce e.g.

2dae84f846e4f4b158a8d26681707f4338495bc7ab68151d7f7679cc5e56202dd3da0d356da007a7c28cb0b780418f4f3246769972d6feaa8f610c7d1e7ecf6a

Which you then hex-decode to be used as the symmetric secret.

Same goes for HS256 (256 bits, 32 bytes) and HS384 (384 bits, 48 bytes).

Nancynandor answered 15/2, 2022 at 12:16
Why does the example rand key (output of openssl rand -hex 64) that you have provided need to be hex decoded and converted into base64 for storage? - Aharon
Because you want to use the raw bytes the hex encoding holds as the secret, as opposed to the hex value itself. You don't need to mix hex and base64, just stick with one. - Nancynandor
How do I get the hex decode of the randomly generated example? - Aharon
I don't follow your question. - Nancynandor
How do I hex decode the example value you have provided? - Aharon
That clearly depends on the programming language of your choice. - Nancynandor
When I try in Python bytes.fromhex('2dae84f846e4f4b158a8d26681707f4338495bc7ab68151d7f7679cc5e56202dd3da0d356da007a7c28cb0b780418f4f3246769972d6feaa8f610c7d1e7ecf6a').decode('utf-8') it gives me the error UnicodeDecodeError: 'utf-8' codec can't decode byte 0xae in position 1: invalid start byte - Aharon
Use just bytes.fromhex to get the byte array to use as a secret. - Nancynandor
This returns the bytes, so you are saying that this (bytes) needs to be used as the key, whereas the hex is what needs to be used for storage? - Aharon
Yes, those are the ideal characteristics of an HS512 secret key: 64 random bytes. Encoding them as hex is merely a suggestion for you to be able to store/recall the secret in your code. - Nancynandor
I found 13 projects on GitHub that use THIS example key you have given in your answer. - Aeroembolism
@Aeroembolism well that's a security vulnerability and should be disclosed to those developers so they hide their private keys properly. Or maybe it's just a test app and doesn't need to be secure. - Rattlehead
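The following is an added, self-contained Python example (not code from the answerer or from any project on the page) that walks through the whole answer: generate 64 random bytes, hex-encode them for storage, decode them back to raw bytes before use, and sign/verify a token with HS512 using only the standard library. It also makes the point from the comment thread explicit: the decoded bytes are the key, not the hex text, and those bytes are not valid UTF-8, so they are never passed through `.decode('utf-8')`. The claim `{"sub": "alice"}` and the function names are constructed for the example.

```python
import base64
import hashlib
import hmac
import json
import secrets
from typing import Optional

# HS512 is HMAC-SHA512; the answer's ideal secret is 512 random bits = 64 bytes.
HS512_KEY_BYTES = 64


def generate_secret_hex(nbytes: int = HS512_KEY_BYTES) -> str:
    """Python equivalent of `openssl rand -hex 64`: random bytes, hex-encoded for storage."""
    return secrets.token_hex(nbytes)


def load_secret(stored_hex: str, min_bytes: int = HS512_KEY_BYTES) -> bytes:
    """Decode the stored hex back to the raw key bytes and enforce the minimum length.

    The raw bytes are binary, not text: calling .decode('utf-8') on them (as tried in
    the comments) fails for almost every key, so the bytes are used as-is.
    """
    key = bytes.fromhex(stored_hex)
    if len(key) < min_bytes:
        raise ValueError(f"HS512 secret must be at least {min_bytes} random bytes, got {len(key)}")
    return key


def is_strong_hs512_key(key: bytes) -> bool:
    """Length is the checkable part of 'ideal': at least 64 bytes (randomness is assumed)."""
    return len(key) >= HS512_KEY_BYTES


def _b64url(data: bytes) -> str:
    # JWT uses unpadded base64url for header, payload and signature.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def sign_hs512(claims: dict, key: bytes) -> str:
    """Build a compact JWT: base64url(header).base64url(payload).base64url(HMAC-SHA512)."""
    header = _b64url(json.dumps({"alg": "HS512", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{header}.{payload}".encode("ascii")
    signature = hmac.new(key, signing_input, hashlib.sha512).digest()
    return f"{header}.{payload}.{_b64url(signature)}"


def verify_hs512(token: str, key: bytes) -> Optional[dict]:
    """Recompute the HMAC over header.payload and compare in constant time.

    Returns the claims on success, None on any malformed token or bad signature.
    """
    try:
        header, payload, signature = token.split(".")
    except ValueError:
        return None
    expected = hmac.new(key, f"{header}.{payload}".encode("ascii"), hashlib.sha512).digest()
    if not hmac.compare_digest(_b64url(expected), signature):
        return None
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))


if __name__ == "__main__":
    stored = generate_secret_hex()   # what goes into config or a secrets manager
    key = load_secret(stored)        # what is actually handed to the JWT code
    token = sign_hs512({"sub": "alice"}, key)
    print("stored hex:", stored)
    print("token:", token)
    print("verified claims:", verify_hs512(token, key))
    # The 20-character key from the question is far below the 64-byte recommendation.
    print("question's key strong enough?", is_strong_hs512_key(b"q1w2e3r4t5y6u7i8o9p0"))
```

Signing with `stored.encode()` (the hex text) instead of `load_secret(stored)` still "works" but produces a different signature from the one a peer using the decoded bytes expects, which is the interoperability mistake the comment thread circles around; keeping encode-for-storage and decode-before-use in two clearly named functions avoids it.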
