To avoid connection hijacking, cookies, such as TCP port and sequence
numbers, are enough, if they are long enough.
That's preposterous. Long-enough numbers are good *if* and only if there are
no eavesdroppers present.
"good *if* and only if"?
With cookies, a network is as secure as a telephone or fax network, which
is *GOOD* enough for credit card companies.
On the other hand, a complex key handling mechanism introduces a
lot of chances for key eavesdropping.
You may use optional IPSEC over it for extra security (it is more
secure primarily because IPSEC keys are long cookies), but you
don't need it.
Agreed, because TCP port and sequence numbers are long enough.