Svoboda | Graniru | BBC Russia | Golosameriki | Facebook

To install click the Add extension button. That's it.

The source code for the WIKI 2 extension is being checked by specialists of the Mozilla Foundation, Google, and Apple. You could also do it yourself at any point in time.

How to transfigure the Wikipedia

Would you like Wikipedia to always look as professional and up-to-date? We have created a browser extension. It will enhance any encyclopedic page you visit with the magic of the WIKI 2 technology.

Try it — you can delete it anytime.

Install in 5 seconds
4,5
Kelly Slayton
Congratulations on this excellent venture… what a great idea!
Alexander Grigorievskiy
I use WIKI 2 every day and almost forgot how the original Wikipedia looks like.
Live Statistics
English Articles
Improved in 24 Hours
Added in 24 Hours
Languages
Recent
Show all languages
What we do. Every page goes through several hundred of perfecting techniques; in live mode. Quite the same Wikipedia. Just better.
Great Wikipedia has got greater.
.
Leo
Newton
Brights
Milds

JSON Web Encryption

From Wikipedia, the free encyclopedia

JSON Web Encryption
JSON Web Encryption (JWE)
AbbreviationJWE
StatusProposed
Year started16 January 2012 (2012-01-16)
First published16 January 2012 (2012-01-16)
Latest versionMay 2015
OrganizationIETF
SeriesJOSE
Authors
  • Michael Jones
  • Joe Hildebrand
DomainEncryption, authentication
Websitedatatracker.ietf.org/doc/html/rfc7516

JSON Web Encryption (JWE) is an IETF standard providing a standardised syntax for the exchange of encrypted data, based on JSON and Base64.[1] It is defined by RFC 7516. Along with JSON Web Signature (JWS), it is one of the two possible formats of a JWT (JSON Web Token). JWE forms part of the JavaScript Object Signing and Encryption (JOSE) suite of protocols.[2]

Vulnerabilities

In March 2017, a serious flaw was discovered in many popular implementations of JWE, the invalid curve attack.[3]

One implementation of an early (pre-finalised) version of JWE also suffered from Bleichenbacher’s attack.[4]

References

  1. ^ Ng, Alex Chi Keung (26 January 2018). Contemporary Identity and Access Management Architectures: Emerging Research and Opportunities. IGI Global. p. 215. ISBN 978-1-5225-4829-4. JWE is a means of representing encrypted content using JSON data structures.
  2. ^ Fontana, John (January 21, 2013). "Developers getting JSON-based options for enterprise authentication | ZDNet". ZDNet. Retrieved 2018-06-08.
  3. ^ Rashid, Fahmida (27 March 2017). "Critical flaw alert! Stop using JSON encryption". InfoWorld. Retrieved 8 June 2018.
  4. ^ Jager, Tibor; Schinzel, Sebastian; Somorovsky, Juraj (2012), "Bleichenbacher's Attack Strikes again: Breaking PKCS#1 v1.5 in XML Encryption", Computer Security – ESORICS 2012, Springer Berlin Heidelberg, pp. 752–769, CiteSeerX 10.1.1.696.5641, doi:10.1007/978-3-642-33167-1_43, ISBN 9783642331664, Beyond XML Encryption, the recent JSON Web Encryption (JWE) specification prescribes PKCS#1 v1.5 as a mandatory cipher. This specification is under development and at the time of writing there existed only one implementation following this specification. We verified that this implementation was vulnerable to two versions of the Bleichenbacher's attack: the direct attack based on error messages and the timing-based attack.
Stub icon

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

This page was last edited on 15 July 2022, at 16:45
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.
Contact WIKI 2
Introduction
Terms of Service
Privacy Policy