C2S/S2C lifetime

Hal Murray hmurray at megapathdsl.net
Sun Feb 3 00:15:49 UTC 2019


Gary said:
> Nothing says that a single cookie could not be used by a farm of clients to
> push the cookies per second into the thousands.

> Then add that this is millions of known plaintext and known ciphertext pairs.
> That is not what the key reuse calculations assume.

I'm missing a step.  How are you getting known plaintext/cyphertext pairs?

If an idiot gets a C2S/S2C pair and then sends zillions of packets, he exposes 
lots of traffic for his keys.  Don't do that.

If an attacker captures a cookie by spying on the wire, what can he do with 
it?  He doesn't know the C2S so he can't use that cookie in new packets.  He 
can replay the whole packet.  That will generate new cookies/cyphertext but 
doesn't get any plaintext.

-- 
These are my opinions.  I hate spam.




