Abstract |
---|
Stateless session cookies allow web applications to alter their behaviour based on user preferences and access rights, without maintaining server-side state for each session. This is desirable because it reduces the impact of denial of service attacks and eases database replication issues in load-balanced environments. The security of existing session cookie proposals depends on the server protecting the secrecy of a symmetric MAC key, which for engineering reasons is usually stored in a database, and thus at risk of accidental leakage or disclosure via application vulnerabilities. In this paper we show that by including a salted iterated hash of the user password in the database, and its preimage in a session cookie, an attacker with read access to the server is unable to spoof an authenticated session. Even with knowledge of the server's MAC key the attacker needs a user's password, which is not stored on the server, to create a valid cookie. By extending an existing session cookie scheme, we maintain all the previous security guarantees, but also preserve security under partial compromise. |
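
The construction described in the abstract, as an added worked example (not code from the paper): the database keeps only a hash image of a password-derived authenticator, the cookie carries the preimage, and a MAC binds the cookie fields together. Everything concrete here is an assumption of the example, not a detail taken from the paper: PBKDF2-HMAC-SHA256 as the salted iterated hash, one extra SHA-256 step as the stored image, the `username|expiry|authenticator|tag` cookie layout, the iteration count, and the constructed credentials. The `forge_from_snapshot` function models the abstract's attacker, who has read everything on the server (MAC key and database row) but does not know the password.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed parameters for the example; a real deployment would tune these.
ITERATIONS = 100_000          # PBKDF2 iteration count (the "iterated" part of the hash)
COOKIE_LIFETIME = 3600        # seconds a minted cookie stays valid


def derive_authenticator(password: str, salt: bytes) -> bytes:
    """Salted, iterated hash of the password. This value travels in the
    cookie and is never written to the database."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def verifier_of(authenticator: bytes) -> bytes:
    """One further hash step. The database stores this image; the cookie
    carries its preimage, so reading the database does not yield a usable cookie."""
    return hashlib.sha256(authenticator).digest()


def encode_cookie(mac_key: bytes, username: str, expiry: int, authenticator: bytes) -> bytes:
    """Stateless cookie: username | expiry | authenticator | HMAC over the first three fields."""
    payload = f"{username}|{expiry}|{authenticator.hex()}".encode("ascii")
    tag = hmac.new(mac_key, payload, hashlib.sha256).hexdigest()
    return payload + b"|" + tag.encode("ascii")


class Server:
    def __init__(self) -> None:
        self.mac_key = os.urandom(32)
        self.db: dict = {}   # username -> {"salt": bytes, "verifier": bytes}; stands in for the database

    def register(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        a = derive_authenticator(password, salt)
        self.db[username] = {"salt": salt, "verifier": verifier_of(a)}   # image only, never a itself

    def login(self, username: str, password: str, now: int) -> Optional[bytes]:
        """Recompute the authenticator from the submitted password, check it against
        the stored image, and mint a cookie that carries the authenticator."""
        rec = self.db.get(username)
        if rec is None:
            return None
        a = derive_authenticator(password, rec["salt"])
        if not hmac.compare_digest(verifier_of(a), rec["verifier"]):
            return None
        return encode_cookie(self.mac_key, username, now + COOKIE_LIFETIME, a)

    def verify_cookie(self, cookie: bytes, now: int) -> bool:
        try:
            username, expiry_str, a_hex, _tag = cookie.decode("ascii").split("|")
            authenticator = bytes.fromhex(a_hex)
            expiry = int(expiry_str)
        except (UnicodeDecodeError, ValueError):
            return False
        # MAC check: re-encode and compare in constant time, so any field change is caught.
        expected = encode_cookie(self.mac_key, username, expiry, authenticator)
        if not hmac.compare_digest(expected, cookie):
            return False
        if expiry <= now:
            return False
        rec = self.db.get(username)
        if rec is None:
            return False
        # The hardening step: the cookie's authenticator must hash to the stored image.
        return hmac.compare_digest(verifier_of(authenticator), rec["verifier"])


def forge_from_snapshot(mac_key: bytes, db: dict, username: str, expiry: int) -> bytes:
    """Attacker model from the abstract: read access yields the MAC key and the
    database row. The row holds only verifier_of(a), so the attacker has no
    preimage to put in the cookie; the stored image itself is used as a (wrong)
    guess. The MAC verifies, the preimage check does not."""
    guess = db[username]["verifier"]
    return encode_cookie(mac_key, username, expiry, guess)


def demo() -> dict:
    server = Server()
    server.register("alice", "correct horse battery staple")   # constructed credentials
    now = 1_700_000_000
    cookie = server.login("alice", "correct horse battery staple", now)
    forged = forge_from_snapshot(server.mac_key, server.db, "alice", now + COOKIE_LIFETIME)
    tampered = cookie.replace(b"alice", b"admin")               # field edit without the MAC key
    return {
        "valid_cookie_accepted": server.verify_cookie(cookie, now + 10),
        "wrong_password_rejected": server.login("alice", "wrong password", now) is None,
        "expired_cookie_rejected": not server.verify_cookie(cookie, now + COOKIE_LIFETIME),
        "tampered_cookie_rejected": not server.verify_cookie(tampered, now + 10),
        "forgery_with_mac_key_and_db_rejected": not server.verify_cookie(forged, now + 10),
    }


if __name__ == "__main__":
    print(demo())
```

The last entry of `demo()` is the property the abstract claims: holding both the MAC key and the database row is not enough to mint a cookie, because the row contains the image and the cookie needs the preimage. Note what the scheme does not do: a cookie captured in transit or from the browser is a valid preimage and is accepted until its expiry, so the hardening addresses forgery after server read access, not cookie theft, and expiry and TLS still matter.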
Year | DOI | Venue |
---|---|---|
2008 | 10.1007/978-3-642-22137-8_13 | Security Protocols Workshop |

Keywords | Field | DocType |
---|---|---|
user password, session cookie proposal, user preference, database replication issue, hardened stateless session cookie, session cookie, authenticated session, existing session cookie scheme, valid cookie, stateless session cookie, previous security guarantee | Brute-force attack, Internet privacy, Computer security, Computer science, Session hijacking, Session ID, Cookie stuffing, Password, Stateless protocol, Transport Layer Security, Session fixation | Conference |

Volume | ISSN | Citations |
---|---|---|
6615 | 0302-9743 | 2 |

PageRank | References | Authors |
---|---|---|
0.56 | 8 | 1 |
Name | Order | Citations | PageRank |
---|---|---|---|
Steven J. Murdoch | 1 | 806 | 57.90 |