Beast Attack in Axum with Jwt Tokens
Beast Attack in Axum with Jwt Tokens — how this specific combination creates or exposes the vulnerability
A Beast Attack (Browser Exploit Against SSL/TLS) targets block ciphers in TLS by making many requests and analyzing how each request changes the ciphertext. When JWT tokens are used for authentication in an Axum service, the token itself does not change between requests, but the encrypted TLS stream can reveal patterns if the same plaintext produces different ciphertexts across requests. In Axum, if endpoints that accept or validate JWT tokens do not enforce strict request uniqueness or if the token is transmitted in a predictable location (e.g., a static Authorization header), an attacker can correlate ciphertext changes to infer token validity or session behavior. This becomes a risk when token validation logic interacts with TLS configurations that use block ciphers without proper mitigations, such as absent or misconfigured TLS_AES ciphersuites or lack of record size randomization.
In Axum, JWT tokens are typically validated in middleware or via extractors. If the application does not ensure that each request results in a distinct TLS record pattern—for example, by including a nonce or timestamp in the request body or headers that change per call—an attacker performing a Beast Attack can observe ciphertext differences and gradually deduce information about the token structure or presence of specific claims. This is especially relevant when tokens carry non-sensitive metadata and the service echoes parts of the token or its claims in responses, providing side-channel hints. The combination of predictable token usage and weak TLS configuration amplifies the exposure, as the attack focuses on the encrypted channel rather than breaking the token algorithm itself.
To detect this using middleBrick, you can submit your Axum endpoint URL and observe findings related to Encryption and Input Validation. The scanner checks for missing TLS mitigations and whether JWT tokens are transmitted in a consistent, predictable way across requests. Findings will highlight weak cipher suites or lack of randomness in request patterns that could facilitate a Beast Attack, alongside remediation guidance mapped to OWASP API Top 10 and relevant compliance frameworks.
Jwt Tokens-Specific Remediation in Axum — concrete code fixes
Remediation focuses on ensuring each request produces distinct TLS records and that JWT validation does not leak information through side channels. In Axum, you can introduce per-request randomness in headers or body, enforce strong ciphersuites, and standardize how tokens are handled. Below is a concrete Axum middleware example that adds a request-specific value and validates JWT tokens safely.
use axum::{async_trait, extract::FromRequestParts, http::request::Parts, middleware, Router}; use std::{convert::Infallible, sync::Arc}; use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation}; use tower_http::set_header::SetResponseHeaderLayer;// Shared state with a strong decoding key and enforced algorithm
struct JwtConfig { decoding_key: DecodingKey, validation: Validation }
impl JwtConfig { fn new(secret: &[u8]) -> Self { Self { decoding_key: DecodingKey::from_secret(secret), validation: Validation::new(Algorithm::HS256) } } }
// Middleware to inject per-request randomness into extensions
async fn add_randomness(req: &mut axum::extract::RequestParts, randomness: Arc<[u8]>) -> Result<(), Infallible> { use axum::extract::RequestPartsExt; req.extensions_mut().insert(randomness); Ok(()) }
#[tokio::main]
async fn main() { let jwt_config = Arc::new(JwtConfig::new(b"super-secret-at-least-32-bytes-long"));
let app = Router::new()
.route("/protected", axum::routing::get(protected_handler))
.layer(middleware::from_fn_with_override(
move |req, extensions| {
let randomness = Arc::clone(&jwt_config.decoding_key.as_ref().into());
// Inject per-request randomness to ensure distinct TLS records
async move { add_randomness(&mut req, randomness).await }
},
tower_http::classify::SharedClassifier::new(tower_http::classify::ServerErrorsFailure::new()),
))
.with_state(jwt_config);
}
async fn protected_handler(
headers: axum::extract::Header<axum::http::header::Authorization>,
state: axum::extract::State<Arc<JwtConfig>>,
) -> Result { let auth = headers.ok_or((axum::http::StatusCode::UNAUTHORIZED,
let token = auth.token().strip_prefix("Bearer ").ok_or_else(|| (axum::http::StatusCode::UNAUTHORIZED, "Invalid authorization format".to_string()))?;
match decode<serde_json::Value>(token, &state.decoding_key, &state.validation) {
Ok(token_data) => Ok(format!("Valid token with claims: {}", token_data.claims)),
Err(_) => Err((axum::http::StatusCode::UNAUTHORIZED, "Invalid token".to_string())),
}
}
};
Key points in this example:
- Per-request randomness is injected into request extensions to encourage distinct TLS record patterns, reducing predictability for a Beast Attack.
- JWT validation uses a fixed algorithm (HS256) and a sufficiently strong secret, avoiding fallback to weaker algorithms.
- The Authorization header is parsed safely, rejecting malformed inputs before validation, which limits information leakage.
Additionally, enforce strong ciphersuites on your reverse proxy or load balancer (e.g., TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256) and avoid legacy protocols. Combine these measures with middleBrick scans to verify that your Axum service does not present patterns conducive to a Beast Attack and that JWT tokens are transmitted and validated securely.