paseto-spec vs spec

paseto-spec

Specification for Platform Agnostic SEcurity TOkens (PASETO) (by paseto-standard)

Source Code

Suggest alternative

Edit details

spec

Spec and acceptance tests for the Fernet format. (by fernet)

Suggest topics

Source Code

Suggest alternative

Edit details

InfluxDB - Power Real-Time Data Analytics at Scale

Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

www.influxdata.com

featured

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

featured

paseto-spec		spec
	Project
4	Mentions	5
146	Stars	416
6.8%	Growth	0.0%
0.0	Activity	0.0
5 months ago	Latest Commit	over 2 years ago
	Language
-	License	-

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

paseto-spec

Posts with mentions or reviews of paseto-spec. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-10-12.

Age and Authenticated Encryption
2 projects | news.ycombinator.com | 12 Oct 2022

Another signcryption scheme as described in the article is also implemented by the libsodium author as an extension:
https://github.com/jedisct1/libsodium-signcryption
It's unclear from the article if this is the same algorithm age uses.
Signcryption schemes are also a good candidate algorithm for replacing JWTs and PASETO as they suffer from no algorithm confusion, and don't need what PASETO calls "Algorithm Lucidity" and serve both plaintext authentication, authenticated encryption, sender receiver verification, and shared key generation that can be used for unlimited encrypted streaming, for example with libsodium's crypto_secretstream API.
https://doc.libsodium.org/secret-key_cryptography/secretstre...
https://github.com/paseto-standard/paseto-spec/blob/master/d...
Paseto is everything you love about JWT without any of the design deficits
4 projects | news.ycombinator.com | 2 Oct 2022
PASETO Reference Implementation Release Notes (new protocol versions)
2 projects | /r/crypto | 2 Aug 2021

The rationale for V3/V4 may be of particular interest for this forum.
PASETO v2.0.0 released! (Lengthy release notes)
5 projects | /r/PHP | 2 Aug 2021

Whether you're curious or skeptical, we believe in transparency, so the detailed rationale for these exact changes in V3/V4 is available here.

spec

Posts with mentions or reviews of spec. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-10-02.

Have You Ever Heard of the Fernet Encryption Algorithm?
1 project | news.ycombinator.com | 22 Aug 2023

https://github.com/fernet/spec/blob/master/Spec.md
It's just a simple format specification using standard crypto primitives.
> AES in CBC mode with a 128-bit key for encryption; using PKCS7 padding.
> HMAC using SHA256 for authentication.
Paseto is everything you love about JWT without any of the design deficits
4 projects | news.ycombinator.com | 2 Oct 2022
Help request. Python to go.
2 projects | /r/golang | 1 May 2022

So, you are using an implementation of Fernet spec, which describe a specific token format. So, you basically need to implement the same spec in Go. You may have a look at https://github.com/fernet/fernet-go
Following this guide to encrypt an image file using crypto/fernet module -- but is this secure? What algo is it using to encrypt?
2 projects | /r/learnpython | 17 Nov 2021

I googled the fernet specification for you: https://github.com/fernet/spec/blob/master/Spec.md