While I was reading about session hijacking articles, i learned that it would be nice to encrypt session id value that is stored in a cookie.
As far as I know, when I start a session by calling session_start(), PHP does not encrypt session id value in a cookie.
How do I encrypt session id value and then initialize session with it?
Encrypting won't help. The session cookie is just a magic number anyway. Encrypting it just means there's a different magic number to hijack. Depending on what hijacking scenarios you have in mind, there are other possible mitigations. For example, you can limit sessions to a single IP. That poses some issues though, e.g. people switching between wireless points.