On Mon, Feb 11, 2019 at 05:56:24PM +0300, Konstantin Knizhnik wrote:
>
> Also such attack is possible only if session_id can be somehow "guessed". If
> it is just big random number, then it is very unlikely that it can be hacked
> in in this way.
I am not arguing against compression, but this point isn't exactly true.
The _uniformity_ of the key makes a big difference in the practicality of
the attack, not the total entropy.
For example, if the session_id was a 128 bit hex string and I knew or
guessed the characters before the secret part and could send data that ended
up near the secret then I can guess one character at a time and infer
the guess is correct when the size of the packet gets smaller. IOW, I
really only have to guess with 1/16 odds each digit (because its a hex
string in this example).
In the case, the 128 bit secret only provides the effective protection
of an 8-bit secret because it can be guessed left to right 4 bits at a
time.
Garick