
Document Type

Article

Keywords

Authentication, Authorization, JWT, Quantum-safe Signatures, Hybrid Signatures

Abstract

The surge in internet use has made authentication and authorization essential for protecting users’ privacy and security in web applications. JSON Web Token (JWT), a token-based authentication mechanism, stands out as a desirable choice for its scalability, ease of use, and interoperability. However, existing JWT signing algorithms, which rely on mathematical problems such as factoring large integers and discrete logarithms, are vulnerable to quantum computing breakthroughs, which poses significant security risks. Addressing this challenge requires evaluating quantum-safe alternatives for JWT authentication. While prior research has focused on limited sets of post-quantum algorithms, a comprehensive evaluation of all standardized algorithms remains unexplored. This study presents the first such evaluation within the JWT authentication framework, analysing algorithms recommended by the National Institute of Standards and Technology (NIST), including Falcon, SPHINCS+, and Dilithium, and their hybrid counterparts. We compare their performance against traditional algorithms such as RS256, ES256, PS256, and HS256. Our experimental results reveal that Falcon is the most efficient quantum-safe algorithm, with a token generation time of 18.68 ms and verification time of 0.65 ms, whereas SuperFalcon outperforms hybrid algorithms, with generation and verification times of 1.19 ms and 1.81 ms, respectively. These findings establish a foundation for transitioning JWT systems to quantum-safe cryptographic standards.
