The Cryptography Behind Authentication and SSO using JSON Web Tokens
I played around with JSON Web Tokens (JWT for short) during a project which involved building a CAP JAVA application on BTP. Having done a master’s thesis in cryptography, I became interested in tying what I had learned in college with the practical side of things. In this blog, I outline what goes on under the hood to achieve authentication and SSO using JWT, with just enough technical details to appreciate the theory behind it.
A Motivating Example
My professor, Dr. Ashish Choudhury, loved to give this example from Indian folklore to explain authentication. Princess Sita, the wife of prince Ram, was kidnapped by the demon Ravana. To pacify her, Ram sent a message to Sita using the monkey God Hanuman as a messenger. To convince Sita that the message indeed was from Ram, Hanuman showed Sita Ram’s ring. Since it was very unlikely that Hanuman had overpowered Ram and stolen his ring, Sita believed that Hanuman was Ram’s messenger.
In the above example, the ring was something personal to Ram, which convinced Sita of the authenticity of the message. In order to convince an application about the authenticity of a user, we use something personal to the user, which is the user’s signature. Specifically, the signature should have the following properties.
- Unforgeability: Only the user can sign their own signature. No one else can sign a signature of the user’s behalf. In our example, no one else could have produced Ram’s ring except Ram.
- Verifiability: Everyone can verify that a signature is correct. In our example, Hanuman could have used Ram’s ring to convince others apart from Sita that he was Ram’s messenger.
Intuitively, unforgeability allows us to perform authentication, while verifiability allows us to perform single sign-on (SSO).
Public Key Cryptography
But how do we achieve these properties in practice? The answer lies in public key cryptography. A pair of keys, a public key and a private key, is generated for each user. As the name suggests, the private key is known only to the user being authenticated, while the public key is known to everyone. Think of the private key as a personal pen which the user can use to sign their signature. The public key is like a magnifying glass which every other user can use to check if this signature is valid. And voilà! The private key can be used to ensure unforgeability, while the public key can be used to ensure verifiability.
JSON Web Tokens
Now, how do JSON Web Tokens manage to do all of this? The picture below depicts the flow of how authentication happens using JWT in an application using XSUAA.
Each JWT consists of three parts – the header, the body, and the signature. Let’s break down what happens.
- Upon entering their credentials, each user is assigned a private key by their identity provider (IdP).
- The IdP uses this private key to sign a signature on the user’s behalf, and attaches this signature to the JWT.
- While using XSUAA, the header of the JSON web token contains a key “jku”, whose value is a URL which stores the public key which can be used to verify the signature.
- For every request made to access each route, the JWT token is forwarded by the application router, and the public key is used to verify and authenticate the request.
If a user is not authorized, then they would not be able to log in and would not be granted the JWT by the IdP. Even if they did try to make a request to a route of the application by creating their own JWT token, since the signature was not created by the correct private key, it would not be validated by the public key. As food for thought, the whole scheme works only as long as the IdP is not compromised. If someone malicious somehow manages to take control of the IdP, then all security breaks down. A line of active research looks at how we can eliminate trusting a single party, and distribute trust among multiple authorities to eliminate such problems. I hope you enjoyed the blog, and would love to hear your comments!
Love the example 🥳
Thank you, Carsten. All credit goes to my professor 🙂