We found blockciphers and cookies to be the perfect solution for our
session management needs. The only problem we heard about was some
kind of "oraculum", so we decided to pad our messages with NUL bytes
and now the system is 100% safe.
Update (2019-01-02): fixed a typo in the flag
You get 200 points for this challenge.
Solvers:
no one
2019
web
crypto