isoA to Cryptography@infosec.pubEnglish · 1 year ago

Can RSA be used for web API authentication?

8

4

Can RSA be used for web API authentication?

isoA to Cryptography@infosec.pubEnglish · 1 year ago

8

I need to

encrypt JSON payload (not just sign)
not share private key
verify the payload is generated with the shared public key and RSA fitting all of these.

As I’ve only made auth with JWT so far, I’m not sure. If I use RSA, I guess I have to put the encrypted text in the body.

Do you think it can be used? Any other suggestions?

Chat

isoOPA
link
fedilink
English
arrow-up
2·
2 days ago
I wanted to let my users encrypt their payload with my public key so only I can decrypt that payload. Just like how PGP works. Eventually I’ve used hybrid encryption with AES for encrypting the payload and RSA for encrypting AES secret key.

Just to let you know this post is almost 2 years old :)

Cryptography@infosec.pub

crypto@infosec.pub

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !crypto@infosec.pub

Questions, answers, discussions, and literature on the theory and practice of cryptography

Related resources;

Reddit cryptography forums 1 & 2; /r/crypto /r/cryptography
Cryptology ePrint archive
Discussion site for ePrint papers
Libera Chat’s IRC:s #crypto - (IRC protocol URL)
Metzdowd cryptography mailing list
Randombit cryptography mailing list
StackExchange cryptography community

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

17 users / day
39 users / week
39 users / month
61 users / 6 months
2 local subscribers
366 subscribers
14 Posts
16 Comments
Modlog