What encryption algorithm is best for encrypting session file on the server? [duplicate]


What encryption algorithm is best for encrypting session file on the server? [duplicate]



Possible Duplicate:
What is the best way to encrypt a text file in C/C++?

It may sound weird but there is a C++ web application (CGI). Every new request creates a new process. So in order to maintain session a text file will be created on the server which will contain info like sessionid, username, password, timestamp etc. This text file will be created for the first request and then referred to for subsequent requests to keep session alive. The text file will be deleted when user logs off.

To accomplish security the text file should be encrypted. Also the contents of the text file should be encrypted.

What could be the best possible encryption algorithm for this scenario? My search tells me AES. But I also wanted to ask this question to see if the approach used for session management is correct or not.




iPhone client certificate

1:



how to protect the ws discovery ad hoc network from man-in-the-middle attacks
Encrypting the session will accomplish nothing, because the server has the key already.


Symfony Action Security - How to forward after successful authentication?
Encryption is only meaningful when the message and key are seperate..
Safari & Javascript - Same Origin policy?
Also, don't store a password in the session.


Git repository with multiple users on Ubuntu
You need only store the username - if the user has created a session and logged in, it's sufficient to note that fact, and then discard the password after checking it only once..
Unit testing with Spring Security


Web application to use window domain accounts for authentication


89 out of 100 based on 69 user ratings 1319 reviews