[{"_id":"60970","department":[{"_id":"632"}],"user_id":"55616","ddc":["000"],"language":[{"iso":"eng"}],"file_date_updated":"2025-09-29T13:46:49Z","publication":"34th USENIX Security Symposium","type":"conference","status":"public","file":[{"relation":"main_file","content_type":"application/pdf","file_id":"61465","file_name":"paper.pdf","access_level":"open_access","file_size":333869,"date_created":"2025-09-29T13:41:18Z","creator":"snhebrok","date_updated":"2025-09-29T13:46:49Z"},{"access_level":"open_access","file_id":"61466","file_name":"ae.pdf","file_size":162464,"date_created":"2025-09-29T13:41:27Z","creator":"snhebrok","date_updated":"2025-09-29T13:46:49Z","relation":"supplementary_material","content_type":"application/pdf"},{"access_level":"open_access","file_id":"61467","file_name":"poster.pdf","file_size":535577,"date_created":"2025-09-29T13:41:41Z","creator":"snhebrok","date_updated":"2025-09-29T13:46:49Z","relation":"poster","content_type":"application/pdf"},{"date_created":"2025-09-29T13:42:04Z","creator":"snhebrok","date_updated":"2025-09-29T13:46:49Z","access_level":"open_access","file_name":"slides.pdf","file_id":"61468","file_size":3057223,"content_type":"application/pdf","relation":"slides"}],"date_updated":"2025-09-29T13:46:49Z","oa":"1","date_created":"2025-08-21T13:43:47Z","author":[{"first_name":"Sven Niclas","orcid":"0009-0006-1172-1665","last_name":"Hebrok","full_name":"Hebrok, Sven Niclas","id":"55616"},{"first_name":"Tim Leonhard","id":"74914","full_name":"Storm, Tim Leonhard","last_name":"Storm","orcid":"0009-0001-2681-1624"},{"full_name":"Cramer, Felix Matthias","last_name":"Cramer","first_name":"Felix Matthias"},{"first_name":"Maximilian Manfred","last_name":"Radoy","orcid":"0009-0005-3059-6823","id":"68826","full_name":"Radoy, Maximilian Manfred"},{"full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","first_name":"Juraj"}],"title":"STEK Sharing is Not Caring: Bypassing TLS Authentication in 
Web Servers using Session Tickets","main_file_link":[{"url":"https://www.usenix.org/conference/usenixsecurity25/presentation/hebrok","open_access":"1"}],"has_accepted_license":"1","year":"2025","citation":{"apa":"Hebrok, S. N., Storm, T. L., Cramer, F. M., Radoy, M. M., &#38; Somorovsky, J. (2025). STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets. <i>34th USENIX Security Symposium</i>.","short":"S.N. Hebrok, T.L. Storm, F.M. Cramer, M.M. Radoy, J. Somorovsky, in: 34th USENIX Security Symposium, 2025.","mla":"Hebrok, Sven Niclas, et al. “STEK Sharing Is Not Caring: Bypassing TLS Authentication in Web Servers Using Session Tickets.” <i>34th USENIX Security Symposium</i>, 2025.","bibtex":"@inproceedings{Hebrok_Storm_Cramer_Radoy_Somorovsky_2025, title={STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets}, booktitle={34th USENIX Security Symposium}, author={Hebrok, Sven Niclas and Storm, Tim Leonhard and Cramer, Felix Matthias and Radoy, Maximilian Manfred and Somorovsky, Juraj}, year={2025} }","ama":"Hebrok SN, Storm TL, Cramer FM, Radoy MM, Somorovsky J. STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets. In: <i>34th USENIX Security Symposium</i>. ; 2025.","ieee":"S. N. Hebrok, T. L. Storm, F. M. Cramer, M. M. Radoy, and J. Somorovsky, “STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets,” 2025.","chicago":"Hebrok, Sven Niclas, Tim Leonhard Storm, Felix Matthias Cramer, Maximilian Manfred Radoy, and Juraj Somorovsky. 
“STEK Sharing Is Not Caring: Bypassing TLS Authentication in Web Servers Using Session Tickets.” In <i>34th USENIX Security Symposium</i>, 2025."}},{"page":"54","citation":{"bibtex":"@book{Storm_2023, title={Large Scale Scanning of TLS Session Ticket Confusion}, DOI={<a href=\"https://doi.org/10.17619/UNIPB/1-1770\">10.17619/UNIPB/1-1770</a>}, author={Storm, Tim Leonhard}, year={2023} }","short":"T.L. Storm, Large Scale Scanning of TLS Session Ticket Confusion, 2023.","mla":"Storm, Tim Leonhard. <i>Large Scale Scanning of TLS Session Ticket Confusion</i>. 2023, doi:<a href=\"https://doi.org/10.17619/UNIPB/1-1770\">10.17619/UNIPB/1-1770</a>.","apa":"Storm, T. L. (2023). <i>Large Scale Scanning of TLS Session Ticket Confusion</i>. <a href=\"https://doi.org/10.17619/UNIPB/1-1770\">https://doi.org/10.17619/UNIPB/1-1770</a>","ama":"Storm TL. <i>Large Scale Scanning of TLS Session Ticket Confusion</i>.; 2023. doi:<a href=\"https://doi.org/10.17619/UNIPB/1-1770\">10.17619/UNIPB/1-1770</a>","ieee":"T. L. Storm, <i>Large Scale Scanning of TLS Session Ticket Confusion</i>. 2023.","chicago":"Storm, Tim Leonhard. <i>Large Scale Scanning of TLS Session Ticket Confusion</i>, 2023. 
<a href=\"https://doi.org/10.17619/UNIPB/1-1770\">https://doi.org/10.17619/UNIPB/1-1770</a>."},"year":"2023","has_accepted_license":"1","doi":"10.17619/UNIPB/1-1770","title":"Large Scale Scanning of TLS Session Ticket Confusion","author":[{"first_name":"Tim Leonhard","last_name":"Storm","full_name":"Storm, Tim Leonhard","id":"74914"}],"supervisor":[{"first_name":"Juraj","id":"83504","full_name":"Somorovsky, Juraj","last_name":"Somorovsky","orcid":"0000-0002-3593-7720"},{"first_name":"Sven Niclas","orcid":"0009-0006-1172-1665","last_name":"Hebrok","full_name":"Hebrok, Sven Niclas","id":"55616"}],"date_created":"2024-03-04T13:37:31Z","oa":"1","date_updated":"2024-03-04T13:42:33Z","status":"public","file":[{"relation":"main_file","content_type":"application/pdf","file_size":1577963,"file_name":"BT_Tim_Storm_14_05_23_signed.pdf","file_id":"52253","access_level":"open_access","date_updated":"2024-03-04T13:38:38Z","date_created":"2024-03-04T13:36:14Z","creator":"tistorm"}],"abstract":[{"text":"Session tickets are a resumption mechanism that can speed up repeated TLS connections. To do so, session information is stored client-side, encrypted with an additional symmetric key (the session ticket encryption key, STEK) that is separate from the server's existing private keys. A server only has to store this key, making session tickets stateless for the server. If the key is shared between servers, a client can be misled into resuming a session with a different, less secure server. In this thesis, we design and implement a scan for detecting the prerequisites of such an attack by requesting a ticket from one server and redeeming it at another, for each pair of scanned servers. We find that 17,901 out of 22,127 scanned (virtual) hosts are potentially vulnerable to this attack because they share their keys and accept tickets issued for other domains. 
We discuss the difficulties of detecting such an attack and show that, unfortunately, our approach does not scale to larger sample sizes.","lang":"eng"}],"type":"bachelorsthesis","language":[{"iso":"eng"}],"file_date_updated":"2024-03-04T13:38:38Z","ddc":["006"],"user_id":"74914","_id":"52251"}]
