0Pricing
Cryptology Academy · Lesson

JWT Vulnerabilities: alg=none & Key Confusion

Exploit and fix the most common JWT security mistakes.

JWT Attack Surface

JWTs are cryptographically signed but many libraries had severe vulnerabilities. The most exploited: the alg=none attack, the RS256→HS256 confusion attack, and weak secret brute-forcing. All stem from trusting attacker-controlled header fields.

alg=none Attack

The JWT spec allows alg:"none" for unsecured tokens. Buggy libraries accepted this and skipped signature verification entirely. An attacker modifies the payload (e.g., "role":"admin"), sets alg:"none", strips the signature, and the server accepts it.

All lessons in this course

  1. JWT Anatomy: Header, Payload, Signature
  2. HS256 vs RS256: Symmetric vs Asymmetric JWTs
  3. JWT Vulnerabilities: alg=none & Key Confusion
  4. Secure JWT Implementation Best Practices
← Back to Cryptology Academy