Aarunya Apps

HS512 JWT Algorithm

HS512 uses SHA-512 to produce a 512-bit HMAC signature — the strongest and largest of the three HMAC-family JWT algorithms. Same symmetric trust model as HS256 and HS384, but with maximum hash output size and corresponding key length requirements.

Family: HMAC
Hash: SHA-512
Key type: symmetric
Performance: Fast (< 0.1 ms)

Key Requirements

A shared secret of at least 512 bits (64 bytes) is recommended for SHA-512-tier security. Generate one with:

node -e "console.log(require('crypto').randomBytes(64).toString('hex'))"

JWT Header

Every JWT using HS512 has this header (base64url-encoded as the first segment):

{
  "alg": "HS512",
  "typ": "JWT"
}

Code Examples

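Node.js — Sign (jose library)

import { SignJWT } from 'jose'

// Shared HMAC secret; HS512 calls for 64+ bytes.
const secret = new TextEncoder().encode(process.env.JWT_SECRET)
// Fail fast if JWT_SECRET is unset (empty key) or too short.
if (secret.length < 64) {
  throw new Error('JWT_SECRET must be at least 64 bytes for HS512')
}

export async function signToken(payload: Record<string, unknown>) {
  return new SignJWT(payload)
    .setProtectedHeader({ alg: 'HS512' })
    .setIssuedAt()
    .setExpirationTime('2h') // token expires two hours after issue
    .sign(secret)
}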
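
Node.js — Verify (jose library)

import { jwtVerify } from 'jose'

// Same shared secret that was used for signing (64+ bytes).
const secret = new TextEncoder().encode(process.env.JWT_SECRET)
// Fail fast if JWT_SECRET is unset (empty key) or too short.
if (secret.length < 64) {
  throw new Error('JWT_SECRET must be at least 64 bytes for HS512')
}

export async function verifyToken(token: string) {
  // Accept HS512 only; a token whose header names any other alg is rejected.
  const { payload } = await jwtVerify(token, secret, {
    algorithms: ['HS512'],
  })
  return payload
}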
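
Python — PyJWT

import jwt

# Placeholder only: replace with a randomly generated secret of 64+ bytes.
SECRET = "your-512-bit-secret"

# Sign with HS512.
token = jwt.encode({"sub": "1234567890"}, SECRET, algorithm="HS512")
# Verify, accepting HS512 only.
payload = jwt.decode(token, SECRET, algorithms=["HS512"])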
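
What the library calls above compute, shown as an added example that is not from the original page or from the jose or PyJWT projects: an HS512 token built and checked with Node's built-in crypto module only. The helper names (signHS512, verifyHS512, requireKey) are assumptions for illustration, and the verifier checks key length, the alg pin and the signature only, not exp or other claims.

```javascript
// Added example: HS512 sign/verify using only Node's built-in crypto module.
const crypto = require('node:crypto')

const b64url = (data) => Buffer.from(data).toString('base64url')

function requireKey(secret) {
  // Enforce the 64-byte minimum recommended for HS512.
  if (!Buffer.isBuffer(secret) || secret.length < 64) {
    throw new Error('HS512 secret must be a Buffer of at least 64 bytes')
  }
}

function hmac512(secret, signingInput) {
  return crypto.createHmac('sha512', secret).update(signingInput).digest()
}

function signHS512(payload, secret) {
  requireKey(secret)
  const header = b64url(JSON.stringify({ alg: 'HS512', typ: 'JWT' }))
  const body = b64url(JSON.stringify(payload))
  // The MAC covers the ASCII string "<header>.<payload>".
  const signingInput = `${header}.${body}`
  return `${signingInput}.${b64url(hmac512(secret, signingInput))}`
}

function verifyHS512(token, secret) {
  requireKey(secret)
  const parts = token.split('.')
  if (parts.length !== 3) throw new Error('malformed token')
  const [header, body, sig] = parts
  // Pin the algorithm: the token's own header must not choose how it is checked.
  const { alg } = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'))
  if (alg !== 'HS512') throw new Error('unexpected alg')
  const expected = hmac512(secret, `${header}.${body}`)
  const given = Buffer.from(sig, 'base64url')
  // timingSafeEqual throws on unequal lengths, so check length first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature')
  }
  return JSON.parse(Buffer.from(body, 'base64url').toString('utf8'))
}
```
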

When to Use HS512

When maximum symmetric security margin is needed, or when a compliance policy mandates SHA-512 hashing. The performance overhead vs. HS256 is negligible at normal token volumes. For most applications, HS256 with a properly-generated 32-byte key is indistinguishable from HS512 in real-world security.

Security Considerations

The longer token size (base64url-encoded signatures are 86 chars vs 43 for HS256) can increase cookie and header sizes. Token size is rarely a concern but worth noting for constrained environments.

Related Algorithms

Standardised in RFC 7518 §3.2 — JSON Web Algorithms (JWA).

Frequently Asked Questions

Can I verify an HMAC JWT without knowing the secret?

No. HMAC-family algorithms (HS256, HS384, HS512) are symmetric — the same secret is used to both sign and verify. Without the secret, you can decode the header and payload (they're just base64url-encoded) but cannot verify the signature's authenticity.

How long should my HMAC secret be?

At least as long as the hash output — 32 bytes (256 bits) for HS256, 48 bytes for HS384, 64 bytes for HS512. Generate with Node.js: require('crypto').randomBytes(32).toString('hex'). Never use passwords or guessable strings as JWT secrets.

When should I use HS256 vs RS256?

Use HS256 when all services that verify the token are in your trust boundary and can share the secret securely (e.g., a single backend service). Use RS256 when you need to share the public key with external services (OAuth resource servers, third-party clients) without sharing the signing secret.