{"_id":"52251","status":"public","year":"2023","user_id":"74914","citation":{"apa":"Storm, T. L. (2023). <i>Large Scale Scanning of TLS Session Ticket Confusion</i>. <a href=\"https://doi.org/10.17619/UNIPB/1-1770 \">https://doi.org/10.17619/UNIPB/1-1770 </a>","chicago":"Storm, Tim Leonhard. <i>Large Scale Scanning of TLS Session Ticket Confusion</i>, 2023. <a href=\"https://doi.org/10.17619/UNIPB/1-1770 \">https://doi.org/10.17619/UNIPB/1-1770 </a>.","mla":"Storm, Tim Leonhard. <i>Large Scale Scanning of TLS Session Ticket Confusion</i>. 2023, doi:<a href=\"https://doi.org/10.17619/UNIPB/1-1770 \">10.17619/UNIPB/1-1770 </a>.","ieee":"T. L. Storm, <i>Large Scale Scanning of TLS Session Ticket Confusion</i>. 2023.","bibtex":"@book{Storm_2023, title={Large Scale Scanning of TLS Session Ticket Confusion}, DOI={<a href=\"https://doi.org/10.17619/UNIPB/1-1770 \">10.17619/UNIPB/1-1770 </a>}, author={Storm, Tim Leonhard}, year={2023} }","ama":"Storm TL. <i>Large Scale Scanning of TLS Session Ticket Confusion</i>.; 2023. doi:<a href=\"https://doi.org/10.17619/UNIPB/1-1770 \">10.17619/UNIPB/1-1770 </a>","short":"T.L. Storm, Large Scale Scanning of TLS Session Ticket Confusion, 2023."},"ddc":["006"],"type":"bachelorsthesis","oa":"1","page":"54","language":[{"iso":"eng"}],"file_date_updated":"2024-03-04T13:38:38Z","date_created":"2024-03-04T13:37:31Z","doi":"10.17619/UNIPB/1-1770 ","author":[{"id":"74914","first_name":"Tim Leonhard","full_name":"Storm, Tim Leonhard","last_name":"Storm"}],"has_accepted_license":"1","file":[{"relation":"main_file","file_size":1577963,"creator":"tistorm","file_id":"52253","access_level":"open_access","content_type":"application/pdf","date_created":"2024-03-04T13:36:14Z","date_updated":"2024-03-04T13:38:38Z","file_name":"BT_Tim_Storm_14_05_23_signed.pdf"}],"supervisor":[{"last_name":"Somorovsky","full_name":"Somorovsky, Juraj","first_name":"Juraj","id":"83504","orcid":"0000-0002-3593-7720"},{"orcid":"0009-0006-1172-1665","full_name":"Hebrok, Sven Niclas","last_name":"Hebrok","id":"55616","first_name":"Sven Niclas"}],"date_updated":"2024-03-04T13:42:33Z","title":"Large Scale Scanning of TLS Session Ticket Confusion","abstract":[{"lang":"eng","text":"Session tickets are a resumption mechanism, which can speed up repeated TLS connections. To do so, information is stored client-side, encrypted with an additional symmetric key, which is separate from existing private keys. A server only has to store this key, making session tickets stateless for the server. If the key is shared between servers, a client can be misled into resuming a session with a different, less secure server. In this thesis, we design and implement a scan for detecting prerequisites to such an attack, by requesting and redeeming tickets for pair-wise servers. We find that 17,901 out of 22,127 scanned (virtual) hosts are potentially vulnerable to this attack because they share their keys and accept tickets issued for other domains. We discuss the difficulties of detecting such an attack and show that unfortunately, our approach does not scale to larger sample sizes."}]}