JWK: JSON Web Key

Last updated: 2/9/2026. Reading time: 4 min

Category: cryptography

Full Name: JSON Web Key

Definition

JWK (JSON Web Key) is an IETF standard defined in RFC 7517 that provides a JSON-based format for representing cryptographic keys. As part of the JOSE family of specifications, JWK enables standardized key distribution, discovery, and management across the EUDI Wallet ecosystem. Credential issuers publish their signing keys as JWK Sets, allowing verifiers worldwide to validate credential authenticity without bilateral key exchange agreements.

JWK Structure and Key Parameters

A JWK is a JSON object whose members describe a cryptographic key. The required members are kty (key type, such as "EC", "RSA", or "OKP") and the key-type-specific members that carry the actual key material. For the elliptic curve keys commonly used in EUDI Wallets, these are crv (the curve name, typically "P-256") and the x and y coordinates of the public point, each base64url-encoded.

Optional but practically essential members include kid (key ID, an identifier that is unique within the key set), use (intended key use: "sig" for signing or "enc" for encryption), alg (the algorithm the key is intended for, such as "ES256"), and key_ops (the permitted key operations, such as "sign", "verify", "encrypt", or "decrypt"). RFC 7517 recommends against setting both use and key_ops on the same key; if both are present, they must not contradict each other.

For EUDI Wallet credential signing, a typical issuer JWK contains only the public key components. The private key component (d for EC keys) is kept securely on the issuer's infrastructure, ideally within a Hardware Security Module (HSM). This separation ensures that verifiers can validate signatures without ever having access to the signing key material.

JWK Sets and Key Discovery in EUDI Wallets

A JWK Set (JWKS) is a JSON structure containing a keys array with multiple JWK objects. EUDI Wallet credential issuers publish their JWK Sets at well-known URLs, following the pattern established by OpenID Connect. This allows any verifier to automatically discover and retrieve the public keys needed to validate credentials.

The key discovery process in the EUDI Wallet ecosystem typically works as follows: a verifier receives a credential whose JWS header names the signing key by its kid. The verifier reads the credential's issuer identifier, retrieves the issuer's metadata (which includes the JWKS endpoint URL), fetches the JWK Set from that endpoint, locates the key whose kid matches the header, and uses that key to verify the JWS signature.

This approach enables a highly scalable trust model. A verifier does not need pre-configured relationships with every possible issuer. Instead, it trusts a set of root certificates (from the EUDI Wallet trust framework), and any issuer whose signing key chains back to a trusted root can issue verifiable credentials. The JWK infrastructure makes this dynamic trust resolution possible.

Key Rotation and Lifecycle Management

Key rotation is a critical security practice in the EUDI Wallet ecosystem, and JWK Sets are designed to support it gracefully. When an issuer rotates its signing key, the new key is added to the JWK Set while the old key remains available. Credentials signed with the old key continue to verify successfully because the old public key is still in the published JWK Set.

Best practices for JWK lifecycle management in EUDI Wallet systems include using unique key IDs that never collide, setting appropriate cache durations for JWK Set responses (balancing security with performance), maintaining retired keys in the JWK Set for a grace period after rotation, and documenting key purposes and algorithms to prevent misuse.

The EUDI Wallet trust framework establishes additional requirements for key management, including minimum key lengths, approved algorithms, and certificate chain validation. Issuer JWKs typically include an x5c parameter containing the X.509 certificate chain, linking the JWK to the broader PKI trust infrastructure that underpins the EUDI Wallet system.

JWK in Wallet Device Key Management

Beyond issuer keys, JWK is also used to represent device keys within the EUDI Wallet application. When a wallet creates a device key pair in its secure hardware, the public portion of that key is represented as a JWK and bound to the credential during issuance. This device key enables holder binding -- proving that the credential is presented by its rightful owner.

During credential presentation, the wallet signs a key binding proof using the device private key. The verifier checks this proof against the device public key (embedded as a JWK in the credential), confirming that the presenter possesses the private key associated with the credential. This mechanism prevents credential sharing or theft, as the private key never leaves the device's secure hardware.


Sources

Information verified against official sources (2/16/2026)

  1. RFC 7517 - JSON Web Key (JWK)
  2. EU Digital Identity Wallet Implementation

⚠️ Independent Information

This website is NOT affiliated with the European Commission or any EU government. We provide independent, easy-to-understand information about EUDI.
