Open fredbi opened 5 years ago
Cookie encryption currently only supports AES-256 with GCM cipher this is better: https://eprint.iacr.org/2017/697.pdf
Alternatively (or in addition), we might favor cookie secret key rotation...
This would be a personal research project, following https://datatracker.ietf.org/meeting/100/materials/slides-100-cfrg-re-keying-mechanisms-for-symmetric-keys/
Cookie encryption currently only supports AES-256 with GCM cipher this is better: https://eprint.iacr.org/2017/697.pdf
Alternatively (or in addition), we might favor cookie secret key rotation...