Forum Discussion

jerm1020_254086's avatar
jerm1020_254086
Icon for Nimbostratus rankNimbostratus
Jul 20, 2016

cookie encyption passphrase

I realize this is a pretty basic question so don't skewer me. I want to enable cookie encryption which seems like a very painless process, but I'm just curious as to what the cookie encryption passphrase is used for? is this going to be needed to be given out to users? whats the use and when is it utilized? further configuration needed on other devices for it? any and all help is always appreciated.

 

  • Hi jerm1020. I'm not a crypto expert but let me take a stab at this. The passphrase may be used by the F5 AES process to do a mathematical computation like XOR to come up with the encrypted value for your cookie. You don't give this out to user because it is used by F5 appliance. There is no other configuration on other devices as far as I'm concerned.

     

    • ekaleido's avatar
      ekaleido
      Icon for Cirrus rankCirrus

      Yeah. It's just the key used to encrypt the cookie. Otherwise the cookie will contain data related to your virtual server's name and the IP(s) of the pool member(s).

       

  • Hi jerm1020. I'm not a crypto expert but let me take a stab at this. The passphrase may be used by the F5 AES process to do a mathematical computation like XOR to come up with the encrypted value for your cookie. You don't give this out to user because it is used by F5 appliance. There is no other configuration on other devices as far as I'm concerned.

     

    • ekaleido's avatar
      ekaleido
      Icon for Cirrus rankCirrus

      Yeah. It's just the key used to encrypt the cookie. Otherwise the cookie will contain data related to your virtual server's name and the IP(s) of the pool member(s).

       

  • It uses AES encryption. AES encryption relies on matrices & XOR. Plaintext (cookie) will be XOR'd with "Encryption Key" in order to obtain the Ciphertext. For a more detailed information, see this.