STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets

Hebrok, Sven Niclas; Storm, Tim Leonhard; Cramer, Felix Matthias; Radoy, Maximilian Manfred; Somorovsky, Juraj

STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets

S.N. Hebrok, T.L. Storm, F.M. Cramer, M.M. Radoy, J. Somorovsky, in: 34th USENIX Security Symposium, 2025.

Download (ext.)

https://www.usenix.org/conference/usenixsecurity25/presentation/hebrok

Conference Paper | English

Author

Hebrok, Sven Niclas^LibreCat ; Storm, Tim Leonhard^LibreCat; Cramer, Felix Matthias; Radoy, Maximilian Manfred^LibreCat ; Somorovsky, Juraj^LibreCat

Department

Systemsicherheit

Publishing Year

2025

Proceedings Title

34th USENIX Security Symposium

LibreCat-ID

60970

Cite this

Hebrok SN, Storm TL, Cramer FM, Radoy MM, Somorovsky J. STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets. In: 34th USENIX Security Symposium. ; 2025.

Hebrok, S. N., Storm, T. L., Cramer, F. M., Radoy, M. M., & Somorovsky, J. (2025). STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets. 34th USENIX Security Symposium.

@inproceedings{Hebrok_Storm_Cramer_Radoy_Somorovsky_2025, title={STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets}, booktitle={34th USENIX Security Symposium}, author={Hebrok, Sven Niclas and Storm, Tim Leonhard and Cramer, Felix Matthias and Radoy, Maximilian Manfred and Somorovsky, Juraj}, year={2025} }

Hebrok, Sven Niclas, Tim Leonhard Storm, Felix Matthias Cramer, Maximilian Manfred Radoy, and Juraj Somorovsky. “STEK Sharing Is Not Caring: Bypassing TLS Authentication in Web Servers Using Session Tickets.” In 34th USENIX Security Symposium, 2025.

S. N. Hebrok, T. L. Storm, F. M. Cramer, M. M. Radoy, and J. Somorovsky, “STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets,” 2025.

Hebrok, Sven Niclas, et al. “STEK Sharing Is Not Caring: Bypassing TLS Authentication in Web Servers Using Session Tickets.” 34th USENIX Security Symposium, 2025.

All files available under the following license(s):

Copyright Statement:

This Item is protected by copyright and/or related rights. [...]

Link(s) to Main File(s)

URL

https://www.usenix.org/conference/usenixsecurity25/presentation/hebrok

Access Level

Closed Access

Export

Marked Publications

Open Data LibreCat

Search this title in

Google Scholar