paint-brush
New Standard Addresses Shortcomings of JSON Web Tokensby@jossonk
170 reads

New Standard Addresses Shortcomings of JSON Web Tokens

by Josson PaulJanuary 9th, 2025
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

PASETO is a new standard for creating secure, stateless tokens. Built to address the shortcomings of JWT tokens. PASETO prioritizes security, simplicity, and ease of use.
featured image - New Standard Addresses Shortcomings of JSON Web Tokens
Josson Paul HackerNoon profile picture

PASETO (Platform-Agnostic Security Tokens) is a new standard for creating secure, stateless tokens, widely used in authentication and authorization. Built to address the shortcomings of JSON Web Tokens (JWT), PASETO prioritizes security, simplicity, and ease of use, making it an excellent choice for modern applications.


JWT tokens come with challenges, especially in cryptographic configuration, where flexibility can sometimes lead to vulnerabilities. PASETO eliminates this risk by enforcing the use of strong, predefined cryptographic algorithms. This ensures security without requiring developers to make complex cryptographic decisions. This design minimizes the chance of errors by providing a safer alternative to JWT


Another advantage of PASETO is its straightforward implementation. Developers don’t need to go through endless cryptographic options or worry about choosing the wrong algorithm. Each PASETO version comes with a carefully selected set of secure cryptographic tools, making it easier to integrate while maintaining high security standards.


Whether you are securing user sessions, transmitting sensitive data, or building scalable authentication systems, PASETO offers a modern, developer-friendly solution. By addressing the complexities and vulnerabilities of older token standards, PASETO has set a new benchmark for secure token-based communication

Structure of PASETO token

PASETO token consists of three or four parts. Each part is separated by “.“ Below is the structure of PASETO token.

<Version>.<Purpose>.<Payload>.<optional_footer>


Sample PASETO token

Version: This indicates the protocol version used to generate the token.

Purpose: There are two options here. Local (In this case, the token will be encrypted) and Public (In this case, the token will be signed). Payload: This contains the Claims and Data. For the local tokens, the payload is encrypted with a secret key and base64 encoded. For public tokens, the payload is in plain text and base64 encoded.

Footer: This is an optional section. And contains non sensitive information.

Version

PASETO comes in multiple versions. Developers don't need to go through endless cryptographic options or worry about choosing the wrong algorithms. Each PASETO version designed with specific cryptographic standards and use cases in mind. The version determines the cryptographic algorithms used and defines how tokens are generated and verified. As of today, there are 4 versions of PASETO available


Version 1: This is designed for legacy applications that needs to maintain both old and new security standards

Version 2: This is desinged for modern secure cryptographic standards

Version 3: This is designed for National Institute of Standards and Technology standards.

Version 4: This combines the strength of both V2 and V3

Purpose

  • Local


Local PASETO tokens are secure and encrypted. It uses symmetric encryption algorithm to protect sensitive information. This symmetric encryption ensures that the data within the token remains confidential and cannot be accessed by unauthorized parties. Only entities possessing the shared secret key can decrypt the token and retrieve the payload. See the diagram below to understand the interaction in case of PASETO ‘local‘ .

Local PASETO interaction


Example Token generation code for ‘local‘ PASETO token.


from pyseto import PasetoV2
from pyseto.exceptions import PasetoError
import os

# Function to create a v2 local PASETO token
def create_v2_local_paseto(secret_key: bytes, payload: dict) -> str:
    """
    Create a v2 local PASETO token.

    Args:
        secret_key (bytes): A 32-byte key for encryption.
        payload (dict): The data to include in the token.

    Returns:
        str: The generated PASETO token.
    """
    # Initialize PASETO v2 with local purpose
    token = PasetoV2()
    try:
        # Encrypt the payload to create a local token
        paseto_token = token.encrypt(secret_key, payload, footer=b"optional-footer")
        return paseto_token
    except PasetoError as e:
        raise ValueError(f"Error generating PASETO token: {e}")

# Example usage
if __name__ == "__main__":
    # Generate a random 32-byte key (use a secure key in production)
    secret_key = os.urandom(32)

    # Define the payload (data) for the token
    payload = {
        "user_id": 12345,
        "username": "example_user",
        "exp": "2025-12-31T23:59:59Z"
    }

    # Create the token
    try:
        token = create_v2_local_paseto(secret_key, payload)
        print("Generated PASETO Token:", token)
    except ValueError as error:
        print("Error:", error)


  • Public


Public PASETO tokens are cryptographically signed using an asymmetric key pair, consisting of a private key (used to sign the token) and a public key (used to verify its authenticity). Unlike local PASETO tokens, public tokens do not encrypt their payload, meaning the data is visible to anyone who has access to the token. However, the signature ensures the integrity and authenticity of the data, making public PASETO tokens highly secure against tampering. See the diagram below to understand the interaction in case of PASETO ‘public‘


Public PASETO interaction


Example Token generation code for ‘public‘ PASETO token.


from pyseto import PasetoV2
from pyseto.keys import AsymmetricKey
from pyseto.exceptions import PasetoError

def create_v2_public_paseto(private_key: AsymmetricKey, payload: dict) -> str:
    """
    Create a v2 public PASETO token.

    Args:
        private_key (AsymmetricKey): The private key for signing the token.
        payload (dict): The data to include in the token.

    Returns:
        str: The generated PASETO token.
    """
    # Initialize PASETO v2 with public purpose
    token = PasetoV2()
    try:
        # Sign the payload to create a public token
        paseto_token = token.sign(private_key, payload, footer=b"optional-footer")
        return paseto_token
    except PasetoError as e:
        raise ValueError(f"Error generating PASETO token: {e}")

# Example usage
if __name__ == "__main__":
    # Generate a key pair (private and public keys)
    private_key = AsymmetricKey.generate()
    public_key = private_key.public_key()

    # Define the payload (data) for the token
    payload = {
        "user_id": 12345,
        "username": "example_user",
        "exp": "2025-12-31T23:59:59Z"
    }

    # Create the token
    try:
        token = create_v2_public_paseto(private_key, payload)
        print("Generated PASETO Token:", token)

        # Optional: Display the public key (use it to verify the token)
        print("Public Key:", public_key.encode().decode())
    except ValueError as error:
        print("Error:", error)


PASETO Payload

PASETO payload contains Claims. Each JSON key is a claim in PASETO. There are some reserved Claim keys. Please refer to the PASETO official documentation to know more on this.


Below is the decoded and decrypted payload from this PASETO token

v2.local.8viT-VasSDp29hTrKNmBEBTfiAAYyMKji0RQtm7fYwRVRK7TvrEhwYCVXHd0EtxkJp_oEz8viyE.WG9vZWZvb3Rlcg


Claims

Footer is an optional component in PASETO token. It contains a base64 encoded string. It can contain meta data information that is not part of the Payload.

Use Cases of PASETO

  • Stateful server-side sessions using the local token
  • Stateless authentication with public-key cryptography
  • For secure inter-service communication where confidentiality and integrity are critical.
  • As a secure alternative to JWT for issuing access and refresh tokens.
  • For encrypted communication in client-server or peer-to-peer systems
  • Scenarios where you need strict control over encryption and signing without risking insecure configurations.

Not a Use case of PASETO

PASETO tokens are not re-usable. If you have an application which needs to re-use the tokens, PASETO is not for you.

Summary

PASETO is an excellent choice for new projects prioritizing security and simplicity in token handling. Built on strong cryptographic foundations, PASETO mitigates common vulnerabilities such as algorithm confusion and insecure token formats, promoting better key management practices and ensuring robust protection. It offers two different types of tokens to suit various architectural needs: local tokens, ideal for stateful server-side sessions in traditional web applications, and public tokens, designed for stateless environments like micro services and API-driven architectures. With its focus on security, ease of use, and well-defined use cases, PASETO is a reliable standard for projects requiring high-security measures and standardized token solutions.

References

https://developer.okta.com/blog/2019/10/17/a-thorough-introduction-to-paseto#what-is-paseto

https://medium.com/@teal33t/breaking-down-paseto-vs-jwt-which-token-is-right-for-you-f084ed952586

https://paseto.io/