- For some people, it's a way to verify the integrity and authenticity of a cookie value: they don't want to be fooled by a user who tampers with it.
- For others, it's a way to store confidential data in the user's browser. And by confidential they mean CONFIDENTIAL: no user (not even one holding a "Malicious" certification) may read the data stored in the cookie. Only the web application can.
- And for others still, a secure cookie is one that can't be intercepted and replayed by a malicious user (on an untrusted network or computer).
You may ask: "Why would I put sensitive/confidential data in cookies? There are server-side sessions to store that data! Cookies are as unsafe as my grandmother's wireless network, and God knows she doesn't want to hear what WPA or wardriving is! Do you like playing with fire?" To answer you: yes, it's fun to play with fire, I like it!
As for cookies: yes, you can store your data in a session on your server. But think twice before using sessions: session state is evil! Anyway, session evilness is not the question here: if you use sessions, you most likely have to store a session ID in a cookie. This cookie is very important (whoever presents that ID is that user, as far as the server is concerned)... it must be secure :) Most web applications are concerned by cookie security.
So, depending on the nature of the data you want to store in cookies, you must consider all of these points (authenticity, integrity, confidentiality, replay attacks, cookie interception) and select which of them you want to apply. For each problem, there is a (cryptographic) solution:
- The integrity and authenticity problems are solved with a message authentication code, i.e. a keyed hash: a plain hash can be recomputed by anyone who modifies the cookie, a MAC requires the server's secret key. We will focus on HMAC.
- The confidentiality problem is solved with a block cipher (in a proper mode of operation, with a fresh IV for every cookie). We will focus on AES.
- The replay problem is solved with a mix of HMAC and SSL: an expiration time and the SSL session key are fed into the HMAC, so a captured cookie only verifies on the session it was issued for, and only until it expires.
- The interception risk is reduced with a secure transport protocol, SSL or TLS (plus the cookie's Secure flag, so the browser never sends it in clear). But in fact it's not a real problem (for cookies, I mean): if a cookie value is encrypted, not replayable and not modifiable, it becomes mostly harmless.
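To make the list above concrete, here is an added example in Go. It is not code from this post (and not Liu's protocol verbatim); it follows the same construction: AES-CTR under a per-cookie key derived from the server secret for confidentiality, HMAC-SHA256 for integrity and authenticity, and the TLS session identifier plus an expiry folded into the HMAC so a captured cookie fails verification on any other session or after it expires. The server key, session identifiers, user name and data below are constructed sample values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strconv"
	"strings"
	"time"
)

// Added illustration, not the post's own code and not Liu's exact protocol.
// Wire format (fields base64url-encoded, '|' separated; the alphabet never
// contains '|', so splitting is unambiguous):
//   user | expiry(unix seconds) | iv | ciphertext | tag
// k   = HMAC-SHA256(serverKey, user | expiry)            per-cookie key
// ct  = AES-256-CTR(k, iv, data)
// tag = HMAC-SHA256(k, user | expiry | iv | ct | sessionID)

var (
	ErrMalformed = errors.New("secure cookie: malformed")
	ErrBadMAC    = errors.New("secure cookie: bad MAC (forged, tampered or replayed)")
	ErrExpired   = errors.New("secure cookie: expired")
)

var b64 = base64.RawURLEncoding

type SecureCookie struct {
	serverKey []byte // long-term secret known only to the web application
}

func NewSecureCookie(serverKey []byte) *SecureCookie {
	return &SecureCookie{serverKey: serverKey}
}

// deriveKey gives every (user, expiry) pair its own AES/HMAC key: the server
// secret never touches cookie data directly, and one derived key exposes nothing
// about another user's cookie.
func deriveKey(serverKey []byte, user, expiry string) []byte {
	m := hmac.New(sha256.New, serverKey)
	m.Write([]byte(user + "|" + expiry))
	return m.Sum(nil)
}

func macOf(k []byte, fields ...string) []byte {
	m := hmac.New(sha256.New, k)
	m.Write([]byte(strings.Join(fields, "|")))
	return m.Sum(nil)
}

// ctr encrypts or decrypts (CTR is symmetric) with AES under k and iv.
func ctr(k, iv, in []byte) ([]byte, error) {
	block, err := aes.NewCipher(k)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out, nil
}

// Seal builds the cookie value for user/data, bound to sessionID (the TLS
// session identifier of the connection it is issued on) and valid until expiry.
func (s *SecureCookie) Seal(user string, data []byte, expiry time.Time, sessionID []byte) (string, error) {
	userF := b64.EncodeToString([]byte(user))
	expF := strconv.FormatInt(expiry.Unix(), 10)
	k := deriveKey(s.serverKey, userF, expF)

	iv := make([]byte, aes.BlockSize) // fresh random IV per cookie
	if _, err := rand.Read(iv); err != nil {
		return "", err
	}
	ct, err := ctr(k, iv, data)
	if err != nil {
		return "", err
	}
	ivF, ctF := b64.EncodeToString(iv), b64.EncodeToString(ct)
	tag := macOf(k, userF, expF, ivF, ctF, b64.EncodeToString(sessionID))
	return strings.Join([]string{userF, expF, ivF, ctF, b64.EncodeToString(tag)}, "|"), nil
}

// Open verifies and decrypts a cookie presented on the connection identified by
// sessionID at time now. The MAC is checked (in constant time) before any other
// field is interpreted, so nothing is decrypted or parsed from a forged cookie.
func (s *SecureCookie) Open(cookie string, sessionID []byte, now time.Time) (string, []byte, error) {
	f := strings.Split(cookie, "|")
	if len(f) != 5 {
		return "", nil, ErrMalformed
	}
	userF, expF, ivF, ctF, tagF := f[0], f[1], f[2], f[3], f[4]
	k := deriveKey(s.serverKey, userF, expF)
	want := macOf(k, userF, expF, ivF, ctF, b64.EncodeToString(sessionID))
	got, err := b64.DecodeString(tagF)
	if err != nil || !hmac.Equal(got, want) {
		return "", nil, ErrBadMAC // replay from another session lands here too
	}
	exp, err := strconv.ParseInt(expF, 10, 64)
	if err != nil {
		return "", nil, ErrMalformed
	}
	if !now.Before(time.Unix(exp, 0)) {
		return "", nil, ErrExpired
	}
	iv, err1 := b64.DecodeString(ivF)
	ct, err2 := b64.DecodeString(ctF)
	user, err3 := b64.DecodeString(userF)
	if err1 != nil || err2 != nil || err3 != nil || len(iv) != aes.BlockSize {
		return "", nil, ErrMalformed
	}
	data, err := ctr(k, iv, ct)
	if err != nil {
		return "", nil, err
	}
	return string(user), data, nil
}

func main() {
	// Constructed demo values: use 32 random bytes for the server key in production.
	sc := NewSecureCookie([]byte("constructed-demo-server-key"))
	sessA, sessB := []byte("tls-session-A"), []byte("tls-session-B")
	c, _ := sc.Seal("alice", []byte(`{"role":"admin"}`), time.Now().Add(time.Hour), sessA)
	fmt.Println("cookie:", c)
	user, data, err := sc.Open(c, sessA, time.Now())
	fmt.Println("same session:", user, string(data), err)
	_, _, err = sc.Open(c, sessB, time.Now())
	fmt.Println("replayed on another session:", err)
}
```

Note the order of checks in Open: the MAC is verified before the expiry is parsed or anything is decrypted, and the session identifier is an input to the MAC rather than a field of the cookie, so a cookie captured from one TLS session cannot even be validated on another.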
So, if you are still reading, you may be interested in concrete solutions and crunchy details? Then I invite you to read this paper: "A Secure Cookie Protocol" by Alex X. Liu, Jason M. Kovacs, Chin-Tser Huang and Mohamed G. Gouda (ICCCN 2005).
In the next article, I will give you an implementation of this protocol: some PHP classes and a way to integrate it in Zend Framework. Comments are welcome :)