Improving OpenID's use of cryptography 3 - odds and ends

Paul Crowley paul at
Thu Jun 2 06:24:50 PDT 2005

Martin Atkins wrote:
> I already run a site which uses a trick like that to avoid storing login
> session state on the server, but I do it while assuming that it's only
> slightly more secure than it would be to just store the user's password
> in a cookie. Still, coming from someone who clearly knows a lot more
> cryptography than I do I'll take the assersion that this is possible and
> secure on trust for now.

I'm not 100% sure it's possible - I'll have to think it through.  If the 
cookie contents are encrypted and authenticated, all an attacker can do 
is (1) find out the length of the content, and (2) deny you existing 
content, or replay you stale content.  It might be that the ability to 
replay stale content is enough to cause real mischief though.  I had 
thought of this more as a parlour trick, to be honest; if this would 
really be useful, I'll give it more thought.

> Certainly, if all the details are hidden inside a consumer library then
> I would accept that as simple, as long as the library doesn't have any
> crazy dependencies.

eg openssl/crypto++ :-)
\/ o\ Paul Crowley, paul at

More information about the yadis mailing list