Skip to main content
Cryptography

Questions tagged [jose]

Ask Question

JSON Object Signing and Encryption (JOSE) is a generic name for applications that use the JSON Web Signature and JSON Web Encryption (JWS and JWE) standards and derived technology such as JSON Web Token (JWT).

7 questions
Newest Active Bountied Unanswered
3 votes
1 answer
130 views

PKCS#1 specify its keys as DER-encoded ASN.1 data structure types, so it's understandable to invent a format that admit lightweight parser with CBOR. But I don't see why it is necessary to invent key ...
DannyNiu's user avatar
  • 11.7k
4 votes
1 answer
2k views

Disclaimer: I first posted this question on security.stackexchange some minutes ago but deleted it, this is probably a better place for it. My goal is to use JWE with hybrid encryption (ECDH+AES) for ...
ceaaj's user avatar
  • 43
1 vote
0 answers
120 views

I am trying to figure out how to use a custom password with a JWK that uses the password for key wrapping. The JWA spec contains for example "PBES2-HS512+A256KW", which does "PBES2 with ...
enzian's user avatar
  • 121
6 votes
1 answer
4k views

I am writing an application using JSON Web Encryption with ECDH using the X25519 Curve. The RFC says that ECHD-ES derived secret is run through a Concat KDF. Given ...
ams's user avatar
  • 721
2 votes
1 answer
903 views

I'm working on a solution where JWE is needed between an Android app and a backend written in Node.JS, using node-jose. I've been struggling a lot since it seems ...
JHH's user avatar
  • 121
1 vote
0 answers
189 views

The JOSE suite specifics use of RSA-OAEP (for when one party has an RSA key) and ECDH (for when two parties have EC keys) in JWA. Why doesn't it include ECIES? It seems like a way to derive a key ...
kag0's user avatar
  • 115
3 votes
2 answers
2k views

I have a system where I am transmitting JSON messages securely (using for example AES-128), where each message has the same format. For example: ...
Matthew's user avatar
  • 247