After looking at the controversy, delving into my security textbook,
and reading some articles on hashing, I would like to recommend some
tweaks to the CookieSession defaults and the new 'rake secret'.

1) Change the default hash used in the cookies to SHA256 as a hole
was semi-recently found in SHA1.

2) Make 'rake secret' use the lengthier SHA512 hash and output the
secret key in base64, or better yet, in a binary string. The 30
character length requirement will require multiple hashes to be
generated; however, it will add a significant amount of entropy to
every character. (The limited character set in a hex-characters-only
key may lead to a differential cryptanalysis -- I'm no crypto-expert,
so if someone else knows different, please ease my mind.)

3) Make 'rake secret' use OpenSSL to generate the secret key.

4) Add at least an option to hash the IP address of the user into
the cookie's hash. This should protect against replay attacks
automatically without the application developer having to write in

I am willing to write the patches for any/all of these changes.

Also, I noted that a secret key was also set in a comment in the
generated ApplicationController. I assume that this is unnecessary
since the secret is set by default in the environment.rb. I recommend
taking this out of the ApplicationController, assuming it's

And a comment on previous thoughts about using asymmetric key
cryptography for generating a signature: I don't recommend this as it
is much, much more processor intensive than generating a
cryptographically secure hash, and a cryptographically secure hash is
probably just as effective -- for now.

If I'm beating a dead horse on any of this, I apologize. I tried to
do as much research on the controversy as possible, but I, of course,
could have missed some things.
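
The proposals in items 1, 3 and 4 above, sketched as an added Ruby example that is not part of the original message and is not Rails' own code: an OpenSSL-generated secret, an HMAC-SHA256 signature over the cookie payload, and an optional client-IP binding. The helper names and the `payload--digest` cookie layout are assumptions made for the illustration.

```ruby
require 'openssl'

# Hypothetical helper: secret drawn from OpenSSL's CSPRNG, base64-encoded
# so every character carries 6 bits instead of the 4 bits of a hex digit.
def generate_secret(bytes = 64)
  [OpenSSL::Random.random_bytes(bytes)].pack('m0')
end

# HMAC-SHA256 over the payload; the client IP is mixed in when given.
def cookie_digest(secret, payload, client_ip = nil)
  message = client_ip ? "#{client_ip}|#{payload}" : payload
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA256'), secret, message)
end

# Assumed cookie layout: base64(data) + "--" + hex digest.
# Strict base64 never contains '-', so the separator is unambiguous.
def sign_cookie(secret, data, client_ip = nil)
  payload = [data].pack('m0')
  "#{payload}--#{cookie_digest(secret, payload, client_ip)}"
end

# Constant-time comparison, so verification time does not reveal how many
# leading characters of a forged digest were correct.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Returns the original data, or nil if the cookie is malformed, was
# modified, was signed with another secret, or arrives from another IP.
def verify_cookie(secret, cookie, client_ip = nil)
  payload, digest = cookie.to_s.split('--', 2)
  return nil if payload.nil? || digest.nil?
  return nil unless secure_compare(cookie_digest(secret, payload, client_ip), digest)
  payload.unpack1('m0')
rescue ArgumentError
  nil # payload was not valid base64
end

if __FILE__ == $PROGRAM_NAME
  secret = generate_secret
  cookie = sign_cookie(secret, 'user_id=42', '192.0.2.10') # constructed sample
  puts verify_cookie(secret, cookie, '192.0.2.10').inspect
  puts verify_cookie(secret, cookie, '198.51.100.7').inspect
end
```

With the IP binding enabled, a cookie presented from any address other than the one it was signed for fails verification, which includes a legitimate client whose address has changed.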