Description
JSON Object Signing and Encryption (JOSE) is a set of IETF standards (RFC 7515 through RFC 7519) that define how to sign, MAC and encrypt data and carry the result either as compact, URL-safe strings or as JSON objects, which makes it suitable for web and API security. The framework comprises JWS (JSON Web Signature, RFC 7515) for digital signatures and MACs, JWE (JSON Web Encryption, RFC 7516) for authenticated encryption, JWK (JSON Web Key, RFC 7517) for key representation, JWA (JSON Web Algorithms, RFC 7518) for algorithm identifiers, and JWT (JSON Web Token, RFC 7519) for claim sets carried inside a JWS or JWE. In 3GPP networks, JOSE is used in the 5G core's service-based architecture (SBA): JWS-signed OAuth 2.0 access tokens authorize service requests between network functions (NFs), and on the N32 interconnect between PLMNs the Security Edge Protection Proxies (SEPPs) apply JWE and JWS to the HTTP/2 messages they relay.
JOSE works by Base64Url-encoding the protected header, the payload and the cryptographic output and joining them with periods in the compact serialization (a JSON serialization that supports multiple signatures or recipients also exists). A JWS signs a payload, which may be a JWT claim set or arbitrary bytes, with an algorithm such as HMAC SHA-256 (HS256), RSA-PSS (PS256) or ECDSA (ES256); the signature covers the encoded header and payload joined by a period, so the header, including its alg field, is integrity-protected together with the content, and the result has the form header.payload.signature. A JWE encrypts the payload with a content-encryption algorithm such as AES-GCM, with the content-encryption key either wrapped by a key-management algorithm such as RSA-OAEP or agreed directly from a shared key; the compact form carries five parts: protected header, encrypted key, initialization vector, ciphertext and authentication tag. These strings are easily embedded in HTTP headers or bodies.
In the 3GPP context, the use of JOSE is defined in TS 33.501 (the 5G security architecture) and, for the N32 interconnect between PLMNs, in the stage-3 specification TS 29.573. There the sending SEPP rewrites each HTTP/2 message into a JSON structure, encrypts the information elements that must stay confidential with JWE and integrity-protects the rest, so that IPX intermediaries on the path can read and modify only what they are permitted to, recording each modification as a JWS signature that the receiving SEPP verifies (the PRINS mechanism). Within a PLMN, signalling between NFs such as the AMF (Access and Mobility Management Function) and SMF (Session Management Function) is protected by TLS, and JOSE appears in the OAuth 2.0 access tokens that the NRF issues for service authorization: these are JWTs signed as a JWS, carrying claims that identify the issuing NRF, the consumer NF, the intended producer NF, the permitted service scope and an expiry time. The framework supports a variety of algorithms, allowing operators to choose based on security requirements and performance constraints.
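As an added example for the compact serialization and for the access-token use just described (not code from this page or from any 3GPP specification), the following Python builds a JWS-signed JWT with claims laid out like an NRF access token, verifies it, and shows the inputs a verifier has to refuse. HS256 is used because it runs with the standard library alone; the same compact form and verification rules apply to RSA and ECDSA signatures. The key, the NF instance identifiers and the claim values are constructed for the example, and the helper names are the example's own.

```python
import base64
import hashlib
import hmac
import json
import time


def b64url_encode(data: bytes) -> str:
    """Base64Url without padding, as RFC 7515 Appendix C specifies."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """Inverse of b64url_encode; re-adds the stripped padding."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def jws_sign_hs256(claims: dict, key: bytes) -> str:
    """Produce a compact JWS (header.payload.signature) over a JWT claim set.

    The HMAC covers the Base64Url-encoded protected header and payload joined
    by '.', so the 'alg' field is integrity-protected together with the claims.
    """
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = (
        b64url_encode(json.dumps(header, separators=(",", ":")).encode("utf-8"))
        + "."
        + b64url_encode(json.dumps(claims, separators=(",", ":")).encode("utf-8"))
    )
    tag = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(tag)


def jws_verify_hs256(token: str, key: bytes, expected_aud: str, now=None) -> dict:
    """Verify a compact JWS and return its claims; raise ValueError otherwise.

    The expected algorithm is fixed by the caller rather than read from the
    token, so a header claiming 'none' or another algorithm is rejected before
    any signature check. exp and aud are checked only after the MAC passes.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg: %r" % header.get("alg"))
    signing_input = (header_b64 + "." + payload_b64).encode("ascii")
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("signature mismatch")
    claims = json.loads(b64url_decode(payload_b64))
    now = int(time.time()) if now is None else now
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise ValueError("token expired or missing exp")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if expected_aud not in audiences:
        raise ValueError("audience mismatch")
    return claims


def is_rejected(token: str, key: bytes, expected_aud: str, now=None) -> bool:
    """True if jws_verify_hs256 refuses the token (used for the rejection cases)."""
    try:
        jws_verify_hs256(token, key, expected_aud, now)
    except ValueError:
        return True
    return False


# Constructed sample: the claim names follow the NRF access token layout
# (iss/sub/aud/scope/exp); the key and identifiers are made up for this example.
NRF_KEY = b"constructed-shared-secret-for-demo-only"
ISSUED_AT = 1_700_000_000
SAMPLE_CLAIMS = {
    "iss": "nrf-instance-1",
    "sub": "amf-instance-42",
    "aud": "smf-instance-7",
    "scope": "nsmf-pdusession",
    "exp": ISSUED_AT + 300,
}


def demo() -> dict:
    """Issue a token, verify it, and exercise the cases a producer NF must reject."""
    token = jws_sign_hs256(SAMPLE_CLAIMS, NRF_KEY)
    header_b64, payload_b64, sig_b64 = token.split(".")
    # Forgery attempt: widen the scope but reuse the original signature.
    widened = dict(SAMPLE_CLAIMS, scope="nsmf-pdusession nudm-sdm")
    forged_payload = b64url_encode(json.dumps(widened, separators=(",", ":")).encode("utf-8"))
    # Downgrade attempt: header claims alg=none with an empty signature part.
    none_header = b64url_encode(b'{"alg":"none"}')
    return {
        "token": token,
        "claims": jws_verify_hs256(token, NRF_KEY, "smf-instance-7", now=ISSUED_AT),
        "tampered_rejected": is_rejected(header_b64 + "." + forged_payload + "." + sig_b64,
                                         NRF_KEY, "smf-instance-7", now=ISSUED_AT),
        "alg_none_rejected": is_rejected(none_header + "." + payload_b64 + ".",
                                         NRF_KEY, "smf-instance-7", now=ISSUED_AT),
        "expired_rejected": is_rejected(token, NRF_KEY, "smf-instance-7", now=SAMPLE_CLAIMS["exp"]),
        "wrong_aud_rejected": is_rejected(token, NRF_KEY, "udm-instance-3", now=ISSUED_AT),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The verifier pins the algorithm it expects instead of trusting the token's header, compares the MAC in constant time, and only then evaluates exp and aud; that ordering is what a producer NF should follow before acting on a request, and it is the same ordering whether the token is HMAC-, RSA- or ECDSA-signed.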
Key architectural elements include the use of JSON for flexibility and human-readability, combined with standard cryptography. JOSE complements TLS: TLS protects each hop, while JOSE adds application-layer protection that is independent of the transport and survives TLS termination at intermediaries. This is crucial in 5G's cloud-native environment, where NFs may be deployed across different trust domains and inter-PLMN signalling passes through IPX providers that are not trusted with every field of a message. The framework's modularity allows 3GPP to specify profiles, such as mandatory-to-implement algorithms, ensuring interoperability between vendors while maintaining high security standards for sensitive network signaling.
Purpose & Motivation
JOSE was developed to address the lack of a standardized, lightweight method for securing JSON data in web APIs and microservices. Before its adoption, systems often used proprietary or ad-hoc formats for signatures and encryption, leading to interoperability issues and security vulnerabilities. The rise of RESTful APIs and JSON as a dominant data interchange format necessitated a consistent framework that could provide cryptographic assurances without complex binary encodings.
In 3GPP networks, the introduction of JOSE in Release 15 was motivated by the shift to a service-based architecture (SBA) in the 5G core. Previous generations relied on protocol-specific security, such as IPsec under NDS/IP or Diameter over TLS, but 5G's HTTP/2-based interfaces required a more flexible, application-level security mechanism. JOSE solves problems like securing service messages between distributed network functions, enabling fine-grained access control, and supporting stateless authorization with tokens. It complements transport-layer security by providing end-to-end protection that persists across intermediaries, which TLS alone cannot give once a hop terminates at an IPX provider.
The historical context includes the growing use of JSON Web Tokens (JWT) in OAuth 2.0 and OpenID Connect, which 3GPP leveraged for service authorization. JOSE's ability to handle both signing and encryption in a compact format made it ideal for 5G's low-latency, high-volume signaling. It addresses limitations of previous approaches by offering algorithm agility, reducing payload size compared to XML-based standards like XML Signature and Encryption, and aligning with modern web standards. This ensures that 5G networks can securely interconnect with internet services and cloud platforms, supporting innovations like network exposure and edge computing.
Key Features
- Standardized JSON-based formats for signatures (JWS) and encryption (JWE)
- Support for multiple cryptographic algorithms (e.g., HMAC, RSA, ECDSA, AES-GCM) via JWA
- Compact and URL-safe representation using Base64Url encoding
- Integration with JWTs for token-based authentication and authorization
- Key representation and management through JWK (JSON Web Key)
- Algorithm agility allowing future-proof security updates
Evolution Across Releases
JOSE entered 3GPP in Release 15 as part of the 5G core security framework (TS 33.501), with the stage-3 details for the PLMN interconnect specified in TS 29.573. It provided a standardized method for securing service-based interfaces (SBIs) across the N32 interconnect using JSON Web Signatures (JWS) and JSON Web Encryption (JWE), giving integrity protection and confidentiality for the HTTP/2 messages exchanged between the network functions of different PLMNs, together with JWS-signed access tokens for NF service authorization.
Defining Specifications
| Specification | Title |
|---|---|
| TS 29.573 | 5G System; Public Land Mobile Network (PLMN) Interconnection; Stage 3 |