paseto-spec
spec
paseto-spec | spec | |
---|---|---|
4 | 5 | |
146 | 416 | |
6.8% | 0.0% | |
0.0 | 0.0 | |
5 months ago | over 2 years ago | |
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
paseto-spec
-
Age and Authenticated Encryption
Another signcryption scheme as described in the article is also implemented by the libsodium author as an extension:
https://github.com/jedisct1/libsodium-signcryption
It's unclear from the article if this is the same algorithm age uses.
Signcryption schemes are also a good candidate algorithm for replacing JWTs and PASETO as they suffer from no algorithm confusion, and don't need what PASETO calls "Algorithm Lucidity" and serve both plaintext authentication, authenticated encryption, sender receiver verification, and shared key generation that can be used for unlimited encrypted streaming, for example with libsodium's crypto_secretstream API.
https://doc.libsodium.org/secret-key_cryptography/secretstre...
https://github.com/paseto-standard/paseto-spec/blob/master/d...
- Paseto is everything you love about JWT without any of the design deficits
-
PASETO Reference Implementation Release Notes (new protocol versions)
The rationale for V3/V4 may be of particular interest for this forum.
-
PASETO v2.0.0 released! (Lengthy release notes)
Whether you're curious or skeptical, we believe in transparency, so the detailed rationale for these exact changes in V3/V4 is available here.
spec
-
Have You Ever Heard of the Fernet Encryption Algorithm?
https://github.com/fernet/spec/blob/master/Spec.md
It's just a simple format specification using standard crypto primitives.
> AES in CBC mode with a 128-bit key for encryption; using PKCS7 padding.
> HMAC using SHA256 for authentication.
- Paseto is everything you love about JWT without any of the design deficits
-
Help request. Python to go.
So, you are using an implementation of Fernet spec, which describe a specific token format. So, you basically need to implement the same spec in Go. You may have a look at https://github.com/fernet/fernet-go
-
Following this guide to encrypt an image file using crypto/fernet module -- but is this secure? What algo is it using to encrypt?
I googled the fernet specification for you: https://github.com/fernet/spec/blob/master/Spec.md
What are some alternatives?
Halite - High-level cryptography interface powered by libsodium
fernet-go - Fernet generates and verifies HMAC-based authentication tokens.
php-jwt - PHP package for JWT
branca - :key: Secure alternative to JWT. Authenticated Encrypted API Tokens for Go.
paseto - Platform-Agnostic Security Tokens
libsodium-signcryption - Signcryption using libsodium.