Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

Re: session keys: how far to take it

by Anonymous Monk
on Dec 28, 2004 at 12:10 UTC ( [id://417747]=note: print w/replies, xml ) Need Help??


in reply to session keys: how far to take it

It depends on who you can trust. If you can trust anyone with root (or physical) access to the box, you could simple use a counter, and a secret key. Concatenate the secret key with the counter, and make a digest of them. Instead of a counter, you could use a timestamping feature of a database (anything that gives you a unique number - you don't have to care whether it's guessable).

What you are doing with the technique is basically combining two things, each of them supplying one the requirements you need. The secret key gives you something that's hard to guess - and the counter or timestamp gives you uniqueness.

In Section Meditations

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://417747]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others rifling through the Monastery: (2)
As of 2024-04-16 21:18 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found