
What is the difference between JOSE, JWA, JWE, JWK, JWS and JWT?


What is the difference between JOSE, JWA, JWE, JWK, JWS and JWT and how are they related to one another?


Solution

  • JOSE stands for JSON Object Signing and Encryption. It's a set of standards used to sign and encrypt data using JSON-based data structures. In other words, JWA, JWE, JWK, JWS, and JWT are all part of JOSE.

    TL;DR:

    • JWA: Defines a set of crypto algorithms and identifiers used in JWE, JWK and JWS.
    • JWK: Defines a representation of crypto keys used as input for the algorithms defined in JWA using JSON-based data structures.
    • JWE: Defines encrypted content using JSON-based data structures. The encryption/decryption is performed with the algorithms defined in JWA.
    • JWS: Defines signed content using JSON-based data structures. The signing/verification is performed with the algorithms defined in JWA.
    • JWT: Defines subject claims using JSON-based data structures. The claims can be optionally protected via JWE or JWS.

    Longer version:

    JWE (JSON Web Encryption) represents encrypted content using JSON-based data structures. JWE is used to share data between parties with authentication (ensure data comes from the sender it claims to be from), confidentiality (ensure only the receiver can decrypt the data), and integrity (ensure the data was not altered by a third party during transit). JWE supports both symmetric key cryptography (a single key used to encrypt and decrypt) and asymmetric key cryptography (public key used to encrypt, private key used to decrypt).

    JWS (JSON Web Signature) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based data structures. JWS is used to share data between parties with authentication and integrity. JWS provides a lighter-weight counterpart to JWE when confidentiality is not required. JWS supports symmetric key-based MACs (a single key used to sign and verify) and asymmetric key-based digital signatures (private key used to sign, public key used to verify).

    JWE encryption and JWS signing are performed using a cryptographic algorithm. These algorithms and their corresponding identifiers are defined in JWA (JSON Web Algorithms).

    The cryptographic algorithms specified in JWA use cryptographic keys as input. JWK (JSON Web Key) defines a representation of cryptographic keys using JSON-based data structures.

    JWT (JSON Web Token) is a compact, URL-safe means of representing claims about a subject to be transferred between two parties. A JWT is a form of claims-based identity used in claims-based authentication. JWTs can be optionally protected via JWE or JWS. The minimal representation of a JWT consists of a JOSE header and the claims (also known as the payload in the context of JWS and the plaintext in the context of JWE).


    Here are three JWT values for the claim { "foo": "bar" }:

    Unprotected (no signature/encryption):

    • Minimum JOSE header is: { "alg": "none" }
    • JWT value is: eyJhbGciOiJub25lIn0.eyJmb28iOiJiYXIifQ (header + "." + claims)

    Protected via JWS:

    • Using JWA with id: HS256 (HMAC using SHA-256)
    • Using JWK with value: { "kty": "oct", "k": "AAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8" }
    • Minimum JOSE header is: { "alg": "HS256" }
    • JWT value is: eyJhbGciOiJIUzI1NiJ9.eyJmb28iOiJiYXIifQ.QqnxrmVYNzUZe2xJeSZIBMoELSfxW144gSAvdBTeXCo (header + "." + payload + "." + signature)

    Protected via JWE:

    • Using Key Management Mode: dir (Direct Encryption)
    • Using JWA with id: A256GCM (AES GCM using 256-bit key)
    • Using JWK with value: { "kty": "oct", "k": "AAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8" }
    • Minimum JOSE header is: { "alg": "dir", "enc": "A256GCM" }
    • A possible JWT value is: eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..69fkCssY6yzSKVtt.3kRb3CHlZdwB1kBrwQ.mkwzT_wBpi6W7mXgjbxmvw (header + ".." + initialization vector + "." + ciphertext + "." + authentication tag)

    Note: The word "possible" is used in the JWE example because the IV (initialization vector) is randomly-generated. Thus there are many valid variants of the same JWT claims encrypted with JWE using the same key.