EdDSA-signed access tokens in Connect2id server 9.4

EdDSA for heavy-trafficked OAuth 2.0 server deployments

With this new release of the Connect2id server JWT-encoded access tokens can now be signed with the high-performance EdDSA algorithm. Our benchmarks show a 62x boost over 2048-bit RSA signature (JWS RS256) generation, with verification performance remaining roughly on par. Spending fewer CPU cycles processing tokens on the resource server side matters also, because it weighs on the request processing latency and throughput. The size of the JWT signature is reduced 4 fold.

Operation Ed25519 RSA 2048 ECDSA P-256
Sign 14635 ops/s 236 ops/s 1083 ops/s
Verify 5065 ops/s 8598 ops/s 687 ops/s

EdDSA signed access tokens can significantly improve the performance of heavy trafficked OAuth 2.0 servers that secure public web APIs or microservices. Because the Connect2id server spends significant CPU time signing tokens, EdDSA can also result in reduced CPU bills.

Sample access token with EdDSA:

eyJraWQiOiIyN3pWIiwidHlwIjoiYXQrand0IiwiYWxnIjoiRWREU0EifQ.eyJzdWIiOiJhbGljZSIsI
nNjcCI6WyJvcGVuaWQiLCJlbWFpbCJdLCJjbG0iOlsiIUJnIl0sImlzcyI6Imh0dHA6XC9cLzEyNy4wL
jAuMTo4MDgwXC9jMmlkIiwiZXhwIjoxNTg5ODkwNjMyLCJpYXQiOjE1ODk4OTAwMzIsInVpcCI6eyJnc
m91cHMiOlsiYWRtaW4iLCJhdWRpdCJdfSwianRpIjoiSHZzb0dPU1pUWm8iLCJjaWQiOiIwMDAxMjMif
Q.il7TK6cXdZQzh-WD7rKnvydrCxtjYO_owzfxwJkpVgUjrzPOpeD2pQHImn9NQkUXpwqIPELXFQ3B2Q
912aw4Aw

Decoded:

{
  "typ": "at+jwt"
  "alg": "EdDSA",
  "kid": "27zV"
}
.
{
  "iss": "https://c2id.com",
  "aud": [ "https://c2id.com" ],
  "sub": "alice",
  "cid": "123",
  "scp": [ "openid", "email" ],
  "clm": [ "!Bg" ],
  "iat": 1589890032,
  "exp": 1589890632,
  "uip": { "groups": [ "admin", "audit" ] },
  "jti": "HvsoGOSZTZo"
}
.
il7TK6cXdZQzh-WD7rKnvydrCxtjYO_owzfxwJkpVgUjrzPOpeD2pQHImn9NQkUXpwqIPELXFQ3B2Q
912aw4Aw

How to roll-over to EdDSA-signed access tokens:

  1. Make sure your resource servers can handle tokens signed with EdDSA / Ed25519 (in addition to RSA). The Nimbus JOSE+JWT library has had EdDSA EdDSA since version 6.0. Check out the example code and the library guide for access token validation. If you're using another library or framework for resource servers to validate JWTs it needs to be compliant with the RFC 8037 spec for EdDSA.

  2. Add a signing Ed25518 key to the Connect2id server JWK set. For that you can use the latest version of the provided generator to create a new JWK set, then extract the Ed25519 key from it with the following command:

    cat jwkSet.json | jq '.keys[] | select(.kty=="OKP" and .crv=="Ed25519" and .use=="sig")'
    
  3. Set the preferred JWS algorithm for the issued access tokens to EdDSA:

    authzStore.accessToken.jwsAlgorithm=EdDSA
    
  4. Restart / roll-over the Connect2id server to start signing the access tokens with EdDSA. For the multi-tenant Connect2id server it suffices to upload the updated configuration.

Other updates

This release also updates a number of dependencies to their latest stable versions and fixes two issues.

Check the release notes for more information.

Download

Standard Connect2id server edition

Apache Tomcat package with Connect2id server 9.4: Connect2id-server.zip

SHA-256: 10302870dba1756d0a3ce53589ef02da818b8c9703a196b7470343891e00223d

Connect2id server 9.4 WAR package: c2id.war

SHA-256: 74c7fcbad60722aee0521bb98215fb0cfae131f5b0416e2cd993c71f3eb222cc

Multi-tenant edition

Apache Tomcat package with Connect2id server 9.4: Connect2id-server-mt.zip

SHA-256: 8116083061a1e2d5f905ad6c30350006b764ae655744710f5fd60400e98e540f

Connect2id server 9.4 WAR package: c2id-multi-tenant.war

SHA-256: c94607335d397f5f0024b70b845e4e2cf133ab0d04d6159aaea651e4626a646a

Questions?

Contact Connect2id support.


Release notes

9.4 (2020-05-20)

Summary

  • Adds support for issuing EdDSA signed JWT-encoded access tokens. Choose EdDSA (RFC 8037) for increased performance and compact signatures. Connect2id benchmarks show EdDSA signature generation with an Ed25519 key receiving a 62x boost over 2048-bit RSA (RS256), with verification remaining roughly on par. The JWT signature size is reduced 4 fold.

    To roll-over to EdDSA signed JWT-encoded access tokens provision the Connect2id server JWK set with a signing Ed25519 key and set the JWS algorithm for access tokens to "EdDSA". Check the configuration notes for details.

Configuration

  • /WEB-INF/jwkSet.json

    • Introduces a new optional Ed25519 octet key pair JWK (key type "OKP") with curve "Ed25519", use "sig" (signature) and requiring a unique key ID. Intended for issuing EdDSA signed JWT-encoded access tokens. To generate and roll-over the EdDSA signing key you can use the latest available Connect2id server JWK set generator, see https://connect2id.com/products/server/docs/config/jwk-set#generation
  • /WEB-INF/authzStore.properties

    • authzStore.accessToken.jwsAlgorithm -- Adds support for signing issued JWT-encoded access tokens with the "EdDSA" JWS algorithm (RFC 8037). Requires the Connect2id server JWK set to be provisioned with a signing Ed25519 key. The default JWS algorithm for signing remains "RS256" with an 2048-bit RSA key due to the ubiquitous JWT library support for RS256.

Resolved issues

  • Calls to the ClaimsSource from a TokenIntrospectionResponseComposer SPI implementation should automatically include any "claims_data" if available for the introspected access token (issue server/561).

  • Fixes a bug which prevented persistence of client registrations into an SQL database where the client_id contains a colon (:) character in combination with some non-alphanumeric characters preceding it. Affected the single-tenant edition of the Connect2id server (issue server/563).

Dependency changes

  • Upgrades to com.nimbusds:oauth2-authz-store:14.7

  • Updates to com.nimbusds:nimbus-jose-jwt:8.17

  • Updates to BouncyCastle 1.65

  • Updates to OpenSAML 3.4.5

  • Updates to com.nimbusds:lang-tag:1.5

  • Updates to com.amazonaws:aws-java-sdk-bundle:1.11.782

  • Updates to com.zaxxer:HikariCP:3.4.5

  • Updates to org.mariadb.jdbc:mariadb-java-client:2.6.0

  • Updates to org.postgresql:postgresql:42.2.12

  • Updates to com.microsoft.sqlserver:mssql-jdbc:8.2.2.jre11

  • Updates DropWizard Metrics to 4.1.8

  • Updates Prometheus to 0.9.0

  • Updates Log4j to 2.13.3