Skip to content
This repository

Reference implementation of the SCS protocol

branch: master
README
   SCS is a small cryptographic protocol layered on top of the HTTP
   cookie facility [RFC6265], that allows its users to produce and
   consume authenticated and encrypted cookies, as opposed to usual
   cookies, which are un-authenticated and sent in clear text.

   By having a non-tamperable proof of authorship attached, each SCS
   cookie can always be validated by the originator, making it possible
   for a server to handle clients' session state without the need to
   store it locally.  In fact, an SCS enabled server could completely
   delegate the application state storage to the client (e.g. a web
   browser) and use it, in all respects, as a remote storage device.
   The result of the cryptographic transformations applied to state data
   can be used to ensure that its information authenticity and
   confidentiality attributes are the same as if they were stored
   privately on server-side.
Something went wrong with that request. Please try again.