On Mon, Feb 11, 2019 at 05:56:24PM +0300, Konstantin Knizhnik wrote:
>
> Also such attack is possible only if session_id can be somehow "guessed". If
> it is just big random number, then it is very unlikely that it can be hacked
> in in this way.

I am not arguing against compression, but this point isn't exactly true. The _uniformity_ of the key makes a big difference in the practicality of the attack, not the total entropy. For example, if the session_id was a 128-bit hex string and I knew or guessed the characters before the secret part and could send data that ended up near the secret, then I can guess one character at a time and infer the guess is correct when the size of the packet gets smaller. IOW, I really only have to guess with 1/16 odds each digit (because it's a hex string in this example). In that case, the 128-bit secret only provides the effective protection of an 8-bit secret because it can be guessed left to right 4 bits at a time.

Garick
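
Added example, not part of the original message: a check of whether the observable packet size depends on the secret when injected data and a `session_id` share one zlib stream, compared with a layout that keeps the secret out of the compressor. The secrets, function names and message layout are constructed assumptions, and the probe repeats 16 hex digits rather than one so the size gap is unambiguous in whole bytes.

```python
import zlib

# Constructed 128-bit secrets as 32 hex digits (sample values, not from the thread).
SECRET_A = b"3f9a1c7e05b2d8464ea7c0915d3b6f28"
SECRET_B = b"b07d4e92a1f85c36e9402b7ad816c5f3"
FIELD = b"session_id="  # known text that precedes the secret (assumed layout)


def shared_stream_len(injected: bytes, secret: bytes) -> int:
    """Injected data and the secret are compressed together in one zlib stream."""
    return len(zlib.compress(injected + b"\n" + FIELD + secret))


def split_len(injected: bytes, secret: bytes) -> int:
    """Mitigation: only the injected data is compressed; the secret is sent as-is."""
    return len(zlib.compress(injected)) + len(b"\n" + FIELD + secret)


def length_depends_on_secret(measure, injected: bytes) -> bool:
    """True if the observable size differs between two equal-length secrets."""
    return measure(injected, SECRET_A) != measure(injected, SECRET_B)


# Injected text that repeats the field name plus the first half of SECRET_A.
PROBE = FIELD + SECRET_A[:16]

if __name__ == "__main__":
    for name, fn in (("shared stream", shared_stream_len), ("split", split_len)):
        verdict = "size leaks" if length_depends_on_secret(fn, PROBE) else "no leak"
        print(f"{name}: A={fn(PROBE, SECRET_A)} B={fn(PROBE, SECRET_B)} -> {verdict}")
```

In the shared stream the packet is shorter when the secret begins with the probe, because the compressor replaces the repeated digits with a back-reference; in the split layout the size is the same for any secret of equal length.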