Hi Anand,
I did run a Entropy test with the sample SMSESSION cookie
"55v6p6uth1UB5ySw4DQEc4DMlto7VK8aZltp4+RWaOnLy30xlrJ5xlN2CO9kCvFP7zM+3nMC0biFdKkmP7J7EyOtpPI4SqZLzyVQ6m/EWFqa+nftbIfqEG06JHwD8gUgxLsZaWzipHPQyINXz4qgxHtldn/VBFAJ+BiODR8PtKzE0mHPeIGFhK7RfoLWAkfB3DUp3/fqXw1yHtHL5CBlM7uNFEgwGYyH3JlbwNllrxNY6f3OmEKjR2kfGJiRU55o94UVGoarvIKsYg3XqcpaAeIS9WTqFLjOMDMHIqDloZjM2sKVWdZOVt0QbUO4uOkCqUd4zz1jtfgchKaaPdaZTC2hm1QDiUfbcyCusIaAwdElrumw4FccxEaXNF5qh7aHmzFVuxic3BBU3ShIMGDON6mGDklJk6yMUyIsTkm7Mv9ObcaFLlFDeN/vc/GRB1FjpZbMW0qj5x4bOYkuliGuo/AKFB9DuHsMHId8gYmhVcBtgnN98oqmfjEqSMj5MLTVyDliLaIjiweP0tukzQEksWXups/lMxYvkzrvkn5k+LHONUmAGWNQ5G5g7GnkWr+iqEvMu5MjacRau+igy3L6e4Q/ipTBLysvq1WdmnriTx1EDiQ7cteTdZcHZF/pM1Is5dEmzj7KGQeh0LCP/xloeFZ9oJb+0sfyz8C/o3Lr1IBNE/6d46Xj4WLBRLPDKK6FcrghvwDHTh6MEbn4qimd62OZ7i5paijcx3+jJxNE4u5V+GkXcGA6P/Yy6lBl9ps4RFJ4gn2zzes3e1me5pzGVaeelo+hJkojQKs4VTTEfI0zU0POABW/8/7JyWw5TaCfbAVQFmi9UnNXNxuVbn8rQg3rU2zHc0cTRbjLu0H02+VFh8PwqyHZ4YAldkgo0f6+dhhOYkeaL4GRLPXKM4vL11TtqBfarjww4zVEiRIDTC4WaR6x+JTYH8s719D3HRAeGzyNA0szKma8WKBYz9ZiXQaAVqfwt8zus0dflqNdbSiNxItrm6fj6N+/noIrx31uAIB3sHssBDzWUAoxDxIds0l9Vic87ZLbDwIHMp4M5mrBUt4WFhHL1aFzxWauft+OYEkTSEDfOX5eoYJUE6HXFQaswEwFiqz80dMwqToF74g8wCMb0mT4sZsHcKsIw8MK; SMIDENTITY=zQgWPB/ZxSd/wa27udMGNUnWaiK/RBut0WyawfylBpr182wgPLxC+LfQaY10Qg3xiN0SnVs4ZbECMgETlxABg0i8yJQwpmmjl6MgXu2jRcqgxbUVq0UDYzpVscD6eFqsxXF4YBlSaTzmYTNmVO78KUBlWosjLMe92IJvB4RS6zhCvMFnZBk8lRfZl8QdVShNdmdbgGL6az6GcnxV4Umcd7zWKu7QDSqZR67iDHOsEwgN6b5oRq4eqKsIXYwmzouMQvj1w5FDFfqYpUR76MFvsNDLvoCozDkIVjRhfi8Zj8pn7mr/mS+ijENe49zs1f0ExaNyAl+r2bb2/YAU7n/5OiRvVOUruud1LaI9VKQvBeszqaRjUqWEI5N2SsYvJu+GqqmbUAA3i54kKeMc+KnTvUQ5RCGWS7opi9uZZFlWher3C3sDJM0GsyrKQrU007TN2eRuhJRLZQnpFTa7tVT+piVTiDUs/1KOQeifYtgF6TE4Dxj9B37CU4ir9gVHIObDPKD/nMqsDZ7F4TzGiOxaHP4lytmC3uyUrGAhcqv2pPuOZJgwTLTVbxyxv/GqoVxSgiDpPRtzcwiLIlsA2xzMCXN3qQnzdJAwGaU8D4ZPKMihc2ODlx7ArhwFKLp8OZV03T5f3YI7aDWuT5LykripCBqQPXU5UvWmmzMxaipO7dYxdpXgtY0DVOtLnFFlisOy"
And here is the result :
Entroyp Test : Strength Test
Now, to be able to guess this level of complex value , I think is out of question.
For your information, SMSESSION cookie is first encrypted by using the Agent KEY and then Base64 encoded.
Now, the Agent KEY itself is of following strength:
In FIPS Compat Mode :
Agent Key: Encrypted using RC2 algorithm with an HMAC-SHA1 digest : 128 bit length
In FIPS Only Mode:
Agent Key: Encrypted using AES algorithm with an HMAC-SHA256 digest : 128 bit length