JWS vs JWE скачать в хорошем качестве

JWS vs JWE

🔥More exclusive content: https://productioncoder.com/you-decid... Twitter:   / _jgoebel   Website: https://jangoebel.com Blog: https://productioncoder.com 00:00 difference between JSON Web Signature Token and JSON Web Encryption token 00:40 JSON Web Signature tokens guarantees 02:13 JSON Web Encryption tokens guarantees 03:16 JWT compact serialization for JWS and JWE There are two types of JSON Web Tokens (JWTs). There are JSON Web Signature Tokens (JWS token) that contain a digital signature or a MAC at the end (but don't have to). These tokens guarantee authenticity and data integrity. In case you are using digital signatures and not MACs, JWS also guarantee non-repudiation because contrary to MACs you do not have a share secret with digital signatures. Digital signatures rely on public key cryptography such as RSA and therefore only the public key is distributed. With the public key you can only verify signatures, but you cannot create signatures. Only the party that is in possession of the private key can actually create new signatures. JSON Web Encryption tokens actually encrypt the plaintext. JWE tokens make use of a hybrid encryption schema where you make a key for a symmetric secret and then encrypt this key for the symmetric encryption algorithm with an asymmetric algorithm such as RSA or ECDSA. The reason is that asymmetric algorithms typically have hard limits on the amount of data they can transport. In addition the encryption and decryption process for larger amounts of data is way faster. JWE tokens use authenticated encryption schemes.