I am by no means a cookie expert, but did some work with them a little while back.
Also, most browsers have options for cookies, such as Only Allow Same Site Reading, or something like that which restricts sites from accessing any of your cookies other than those placed by that sight. I don't know that this would come into play in your case, but it never hurts to know that it might.
My advice: If you can set the values in Perl and store it encrypted as a cookie.. do it that way by all means.
Never trust any data coming from the user.