Secure masked tokens for API keys and password resets

My current application needs secure tokens for password reset.
These tokens do not contain any state, the security model is that the bearer will use them to talk to the server and the server can look up the associated state.
Also ideally these tokens should be as short as possible.

Currently what I am doing is associating an id (32 bit integer) with a secret (128 bit).
The id and a masked version of the secret are stored in the database.

  defp mask(secret) do
    Base.url_encode64(:crypto.hash(:sha256, secret))

The token given to the user is a base64 url encoded string with both id and secret.

  def serialize(id, secret) when id <= @maximum_id_value do
    Base.url_encode64(<<id::32, 0::8, secret::binary>>)


  • My server cannot generate the token so user can only download it at the time of generation
  • I can generate a prefix (the first 6 characters come from the id) for a user which is helpful for managing the keys.

My Questions are:

  • Is this secure?
  • Are there any standards for this type of token?
  • If no standards are there any libraries that do just this. I have found libraries that do more but I want just the token creation and serializing and parsing.

If you have associated state can you store the token there as well? If so I guess :crypto.strong_rand_bytes(n) + wherever hashing you prefer should be enough.

What will happen when I will change and ID in serialised token? IMHO this is the case where you could use JWT or PASETO tokens with user ID stored in signed manner.

That’s pretty much what I am doing but with an associated id. So that when a user revists there API page the get shown something like tok_ABC32Q*******

JWT tokens are just too long, for my usecase.

Check out PASETO, I am also working on similar standard that will simply remove the requirement on the message to be encoded as JSON.

Interesting, might be useful for something else.
But probably anything with signed data is probably going to result in too long tokens. At the moment my tokens are 28 charachters long.

I’d just use a Phoenix.Token holding something small and useful and time limited.

As far as I am aware they still include data in the token? Which makes them too long

Database then yeah.