Improving cookie security-related solutions

Source: Internet
Author: User

The solutions commonly found online are:
Encrypt the cookie, and add a timestamp and an IP-address stamp to it; in practice this means the cookie stays valid for a set time as long as it is presented from the same IP address.
Finally, an MD5-based MAC signature is used to prevent tampering ...... However, the plaintext information is still exposed to the client.

My solution is:

Cookie = 3DES("value, time, IP stamp"); the final cookie looks like this: 3bd1b32614a528ea

3DES encryption is used so that the client never holds any plaintext .......

When the server checks the cookie, it decrypts the value, time and IP-address stamp, then verifies the expiration time and the IP address ...... If the cookie does not match, it clears the cookie and redirects to the logon page ..

 

This solves several problems:
1. The client-side cookie contains no plaintext, so no useful information can be read from it ...... With an MD5 signature, the client would still have to hold the plaintext.
2. Tampering is not possible. Once the cookie is tampered with, an error occurs during decryption on the server ...... This also prevents brute-force cracking.
3. A cookie intercepted on the network cannot be reused, because of the IP-address stamp ...... The IP address is encrypted and not visible in plaintext, so it cannot be forged.
4. The IP-address stamp is stored on the client so that cookies can be used from several computers. If it were stored on the server, only one computer at a time could use the cookie to log on, which harms the user experience and wastes performance on lookups ......
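As an added example (not code from the original post), the scheme above in Go using only the standard library: the server packs "value,expiry,ip" into a token, encrypts it with 3DES in CBC mode, and on each request decrypts it and checks the expiry and the client IP, rejecting the cookie (clear it and redirect to login) on any failure. One caveat a practitioner would want here: 3DES-CBC decryption of a modified ciphertext does not reliably fail, so tampering is only detectable by the padding check or a malformed token, not by the cipher itself. The example therefore appends an HMAC-SHA256 tag over the IV and ciphertext and verifies it before decrypting; this tag is an addition to the post's design. The keys, the fixed IV, the hypothetical names MakeCookie and CheckCookie, the comma-separated token layout and the interpretation of "time" as an absolute expiry timestamp are all assumptions of this example; a real deployment would draw the IV from crypto/rand per cookie and load the keys from a secret store.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// Constructed demo keys: 24 bytes for three-key 3DES, plus a separate MAC key.
var encKey = []byte("0123456789abcdef01234567")
var macKey = []byte("constructed-mac-key-for-demo")

const blockSize = des.BlockSize // 8 bytes

// pkcs7Pad pads to a whole number of 3DES blocks.
func pkcs7Pad(b []byte) []byte {
	n := blockSize - len(b)%blockSize
	return append(b, bytes.Repeat([]byte{byte(n)}, n)...)
}

// pkcs7Unpad strips the padding and rejects anything malformed.
func pkcs7Unpad(b []byte) ([]byte, error) {
	if len(b) == 0 || len(b)%blockSize != 0 {
		return nil, errors.New("bad length")
	}
	n := int(b[len(b)-1])
	if n == 0 || n > blockSize || n > len(b) {
		return nil, errors.New("bad padding")
	}
	for _, c := range b[len(b)-n:] {
		if int(c) != n {
			return nil, errors.New("bad padding")
		}
	}
	return b[:len(b)-n], nil
}

// MakeCookie builds "value,expiry,ip", encrypts it with 3DES-CBC (the post's
// scheme) and appends an HMAC tag over IV||ciphertext (added here, because
// 3DES alone does not detect tampering). Output is hex(IV||ct) "." hex(tag).
func MakeCookie(value string, expiry int64, ip string, iv []byte) (string, error) {
	if strings.Contains(value, ",") {
		return "", errors.New("value must not contain a comma")
	}
	if len(iv) != blockSize {
		return "", errors.New("iv must be 8 bytes")
	}
	block, err := des.NewTripleDESCipher(encKey)
	if err != nil {
		return "", err
	}
	plain := pkcs7Pad([]byte(fmt.Sprintf("%s,%d,%s", value, expiry, ip)))
	ct := make([]byte, len(plain))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, plain)
	body := append(append([]byte{}, iv...), ct...)
	mac := hmac.New(sha256.New, macKey)
	mac.Write(body)
	return hex.EncodeToString(body) + "." + hex.EncodeToString(mac.Sum(nil)), nil
}

// CheckCookie verifies the tag, decrypts, and checks expiry and client IP.
// Any error means: clear the cookie and send the user to the login page.
func CheckCookie(cookie string, now int64, clientIP string) (string, error) {
	parts := strings.SplitN(cookie, ".", 2)
	if len(parts) != 2 {
		return "", errors.New("malformed cookie")
	}
	body, err1 := hex.DecodeString(parts[0])
	tag, err2 := hex.DecodeString(parts[1])
	if err1 != nil || err2 != nil || len(body) < 2*blockSize || len(body)%blockSize != 0 {
		return "", errors.New("malformed cookie")
	}
	mac := hmac.New(sha256.New, macKey)
	mac.Write(body)
	if !hmac.Equal(mac.Sum(nil), tag) { // constant-time compare, before decrypting
		return "", errors.New("tampered cookie")
	}
	block, err := des.NewTripleDESCipher(encKey)
	if err != nil {
		return "", err
	}
	iv, ct := body[:blockSize], body[blockSize:]
	plain := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(plain, ct)
	plain, err = pkcs7Unpad(plain)
	if err != nil {
		return "", err
	}
	fields := strings.Split(string(plain), ",")
	if len(fields) != 3 {
		return "", errors.New("malformed token")
	}
	expiry, err := strconv.ParseInt(fields[1], 10, 64)
	if err != nil {
		return "", errors.New("malformed token")
	}
	if now > expiry {
		return "", errors.New("cookie expired")
	}
	if fields[2] != clientIP {
		return "", errors.New("ip mismatch")
	}
	return fields[0], nil
}

func main() {
	iv := []byte("constrIV") // constructed fixed IV for the demo only
	c, _ := MakeCookie("user42", 1700000000, "203.0.113.5", iv)
	fmt.Println(c)
	fmt.Println(CheckCookie(c, 1699999000, "203.0.113.5"))
}
```

The tag is checked before any decryption so that a modified cookie is rejected without exercising the padding logic. Note also that binding the session to an IP address will log out users whose address changes mid-session (mobile networks, NAT pools), which is a usability trade-off of the design rather than a bug in the code.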
