Google Chrome to Encrypt Cookies Before Saving Them

Google Chrome team is working on a new security feature, according to a bug report shared by François Beaufort. Once ready, this will enable Chrome to encrypt all cookies that it stores on the users’ computers.

PC and Mac.

Here is the bug description:

Encrypt all stored cookies on selected operating systems.

As part of the goal of protecting private user information, this encrypts the cookie values on operating systems with user-specific crypto APIs and that do not otherwise protect this data.

Performance tests indicate a penalty of about 1ms per cookie (regardless of size) on a Mac and 0.1ms to 0.7ms (depending on the size) under Windows. This will be higher on older hardware but still insignificant.

Encrypted data is binary (with an overhead of 128 bytes on Windows) and binary data must be stored in a BLOB so only one of two fields (“value” or “encrypted_value”) will have data with the other being empty. Both values, however, need to be read & written when accessing a cookie because they are marked “non null”).

Welcome move indeed.

However, remember, online security is more dependent on user discretion than on tools and software that you use. So, stay safe!

Btw, if you are using a Chromebook, your entire profile directory is already encrypted by default.

Leave a Reply

Your email address will not be published.