At Wed, 05 Aug 2015 10:58:56 +0200, "Ralf Weber" <d...@fl1ger.de> wrote:
> But lets focus on the way the server handles cookies. I think I > discussed that with you or Donald in Prague. There are two ways to > do this so that each client gets a different cookie, which is what > the draft suggest: [...] > - provide a deterministic function that takes the client IP and a > secret to generate the cookie. That way you can generate the same > cookie on every request. > So the last method becomes a cryptoanalytics problem and I am not > a cryptographer, but it would be good if someone with more know > how there could comment on how difficult it would be to break the > secret given that one can easily generate 2^64 different inputs > to that function and examine the output. Do you mean it might be easy to brute-force all 2^64 possible secrets for, e.g, HMAC-SHA256? Or do you mean it might be possible to attack (e.g.) the HMAC-SHA256 algorithm so the attacker can identify the secret from the 2^64 possibilities in much shorter time (such as a few hours)? -- JINMEI, Tatuya _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
