Cache Dependent Key/Encryption

From: A. Elamiri (abdellahDOTelamiriATclintonDOTedutNOSPAM)
Date: 04/19/04


Date: Mon, 19 Apr 2004 10:22:34 -0400

I would like to store some Role Information in a cookie since I cannot use
Session in the AuthenticateRequest method.

I thought of encrypting the cookie using Rijndael Algo. for provider. I
would generate a 16 character key store it as a Cached object and replace it
every 20-30 minutes, if the cookie data does not decrypt then simply reload
it because I would assume that key expired.

Is this a secure way of doing it?



Relevant Pages

  • Re: Store private key in cookie?
    ... Storing a key in a file somewhere is generally not a good idea, ... this is not secure) store it in the session object. ... > I was thinking of using RSA to encrypt the Rijndael key/IV. ... > private key in a cookie on a trusted 'admin' machine. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Store private key in cookie?
    ... Storing a key in a file somewhere is generally not a good idea, ... this is not secure) store it in the session object. ... > I was thinking of using RSA to encrypt the Rijndael key/IV. ... > private key in a cookie on a trusted 'admin' machine. ...
    (microsoft.public.dotnet.security)
  • Re: [PHP] module and access rights
    ... so you store in your cookie the username and the check string. ... for example, user is logged, so i have in the cookie his login name. ... >>> i will use those stored data to check if logged user can have access ... >> in the session - that's as secure as it's gonna get. ...
    (php.general)
  • Re: [PHP] module and access rights
    ... but i would be very glad to know how can i REALLY authenticate the user. ... for example, user is logged, so i have in the cookie his login name. ... >> regarding how to store user login and password. ... > in the session - that's as secure as it's gonna get. ...
    (php.general)
  • Re: [PHP] module and access rights
    ... so you store in your cookie the username and the check string. ... for example, user is logged, so i have in the cookie his login name. ... >>> i will use those stored data to check if logged user can have access ... >> in the session - that's as secure as it's gonna get. ...
    (php.general)