Displaying 1 result from an estimated 1 matches for "ripening".
2007 Mar 30
7
Some additional attacks on Cookie Session
Aside from the replay attacks discussed, there are some other attack
vectors on the cookie_session store.
I appreciate (and admire!) Jeremy''s good humor on all of this:
> Planting the seed here led to quick ripening and plenty of pesticide.
> Thanks for the fish, all.
>
> jeremy
Anyway, here''s what we came up with:
1. Brute Force
SHA512 can be computed _very_ fast. On my Pentium Core Duo:
irb> z = ''z'' * 100; puts Benchmark.measure { 1000.times
{ Digest::SHA512.hexdiges...