RFC 7518 - JSON Web Algorithms (JWA)

Publication Date: May 2015
Status: Standards Track
Author: M. Jones (Microsoft)

---

Abstract

This specification registers cryptographic algorithms and identifiers to be used with the JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Key (JWK) specifications. It defines several IANA registries for these identifiers.

---

Table of Contents

• 1. Introduction
  • 1.1 Notational Conventions
• 2. Terminology
• 3. Cryptographic Algorithms for Digital Signatures and MACs
  • 3.1 "alg" Header Parameter Values for JWS
  • 3.2 HMAC with SHA-2 Functions
  • 3.3 Digital Signature with RSASSA-PKCS1-v1_5
  • 3.4 Digital Signature with ECDSA
  • 3.5 Digital Signature with RSASSA-PSS
  • 3.6 Using the Algorithm "none"
• 4. Cryptographic Algorithms for Key Management
  • 4.1 "alg" Header Parameter Values for JWE
  • 4.2 Key Encryption with RSAES-PKCS1-v1_5
  • 4.3 Key Encryption with RSAES OAEP
  • 4.4 Key Wrapping with AES Key Wrap
  • 4.5 Direct Encryption with a Shared Symmetric Key
  • 4.6 Key Agreement with ECDH-ES
  • 4.7 Key Encryption with AES GCM
  • 4.8 Key Encryption with PBES2
• 5. Cryptographic Algorithms for Content Encryption
  • 5.1 "enc" Header Parameter Values for JWE
  • 5.2 AES_CBC_HMAC_SHA2 Algorithms
  • 5.3 Content Encryption with AES GCM
• 6. Cryptographic Algorithms for Keys
  • 6.1 "kty" Parameter Values
  • 6.2 Parameters for Elliptic Curve Keys
  • 6.3 Parameters for RSA Keys
  • 6.4 Parameters for Symmetric Keys
• 7. IANA Considerations
• 8. Security Considerations
• 9. References

Appendices

• Appendix A. Algorithm Identifier Cross-Reference
• Appendix B. Test Cases for AES_CBC_HMAC_SHA2
• Appendix C. Example ECDH-ES Key Agreement

---

Related Resources

• Official Text: RFC 7518
• Official Page: RFC 7518 DataTracker
• Errata: RFC Editor Errata

JOSE Specification Series

• RFC 7515 - JSON Web Signature (JWS)
• RFC 7516 - JSON Web Encryption (JWE)
• RFC 7517 - JSON Web Key (JWK)
• RFC 7518 - JSON Web Algorithms (JWA) ← This Document
• RFC 7519 - JSON Web Token (JWT)

---

Core Algorithm Overview

Digital Signature and MAC Algorithms

• HS256, HS384, HS512 - HMAC with SHA-2
• RS256, RS384, RS512 - RSASSA-PKCS1-v1_5
• ES256, ES384, ES512 - ECDSA
• PS256, PS384, PS512 - RSASSA-PSS
• none - No integrity protection (not recommended)

Key Management Algorithms

• RSA1_5, RSA-OAEP, RSA-OAEP-256 - RSA Key Encryption
• A128KW, A192KW, A256KW - AES Key Wrap
• dir - Direct use of shared symmetric key
• ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW - ECDH Key Agreement
• A128GCMKW, A192GCMKW, A256GCMKW - AES GCM Key Encryption
• PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW - Password-Based Key Encryption

Content Encryption Algorithms

• A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 - AES CBC with HMAC SHA-2
• A128GCM, A192GCM, A256GCM - AES GCM

---