Skip to main content

5. Cryptographic Algorithms for Content Encryption

5.1 "enc" Header Parameter Values for JWE

Content encryption algorithms supported by JWE:

"enc" Param Value	Content Encryption Algorithm	Implementation Requirements
A128CBC-HS256	AES_128_CBC_HMAC_SHA_256	Required
A192CBC-HS384	AES_192_CBC_HMAC_SHA_384	Optional
A256CBC-HS512	AES_256_CBC_HMAC_SHA_512	Required
A128GCM	AES GCM using 128-bit key	Recommended
A192GCM	AES GCM using 192-bit key	Optional
A256GCM	AES GCM using 256-bit key	Recommended

5.2 AES_CBC_HMAC_SHA2 Algorithms

This is a combined encryption and authentication algorithm that combines:

AES CBC mode for encryption
HMAC SHA-2 for authentication

Key Features:

Provides Authenticated Encryption
CEK is used for both encryption and MAC computation
Supports three key size configurations

Algorithm Variants:

A128CBC-HS256: AES-128-CBC + HMAC-SHA-256 (256-bit CEK)
A192CBC-HS384: AES-192-CBC + HMAC-SHA-384 (384-bit CEK)
A256CBC-HS512: AES-256-CBC + HMAC-SHA-512 (512-bit CEK)

5.3 AES GCM Content Encryption

AES Galois/Counter Mode (GCM) is an authenticated encryption algorithm:

Provides confidentiality and integrity protection
Efficient hardware implementation
Supports Additional Authenticated Data (AAD)

Algorithm Variants:

A128GCM: Using 128-bit key
A192GCM: Using 192-bit key
A256GCM: Using 256-bit key

GCM Parameters:

Initialization Vector: 96-bit random value
Authentication Tag: 128-bit authentication tag

Selection Recommendations:

Prefer using AES-GCM algorithms (more efficient)
AES_CBC_HMAC_SHA2 provides broad compatibility
Choose appropriate key lengths based on security requirements

5.1 "enc" Header Parameter Values for JWE
5.2 AES_CBC_HMAC_SHA2 Algorithms
- Key Features:
- Algorithm Variants:
5.3 AES GCM Content Encryption
- Algorithm Variants:
- GCM Parameters: