---
_id: '60970'
author:
- first_name: Sven Niclas
  full_name: Hebrok, Sven Niclas
  id: '55616'
  last_name: Hebrok
  orcid: 0009-0006-1172-1665
- first_name: Tim Leonhard
  full_name: Storm, Tim Leonhard
  id: '74914'
  last_name: Storm
  orcid: 0009-0001-2681-1624
- first_name: Felix Matthias
  full_name: Cramer, Felix Matthias
  last_name: Cramer
- first_name: Maximilian Manfred
  full_name: Radoy, Maximilian Manfred
  id: '68826'
  last_name: Radoy
  orcid: 0009-0005-3059-6823
- first_name: Juraj
  full_name: Somorovsky, Juraj
  id: '83504'
  last_name: Somorovsky
  orcid: 0000-0002-3593-7720
citation:
  ama: 'Hebrok SN, Storm TL, Cramer FM, Radoy MM, Somorovsky J. STEK Sharing is Not
    Caring: Bypassing TLS Authentication in Web Servers using Session Tickets. In:
    <i>34th USENIX Security Symposium</i>. ; 2025.'
  apa: 'Hebrok, S. N., Storm, T. L., Cramer, F. M., Radoy, M. M., &#38; Somorovsky,
    J. (2025). STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers
    using Session Tickets. <i>34th USENIX Security Symposium</i>.'
  bibtex: '@inproceedings{Hebrok_Storm_Cramer_Radoy_Somorovsky_2025, title={STEK Sharing
    is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets},
    booktitle={34th USENIX Security Symposium}, author={Hebrok, Sven Niclas and Storm,
    Tim Leonhard and Cramer, Felix Matthias and Radoy, Maximilian Manfred and Somorovsky,
    Juraj}, year={2025} }'
  chicago: 'Hebrok, Sven Niclas, Tim Leonhard Storm, Felix Matthias Cramer, Maximilian
    Manfred Radoy, and Juraj Somorovsky. “STEK Sharing Is Not Caring: Bypassing TLS
    Authentication in Web Servers Using Session Tickets.” In <i>34th USENIX Security
    Symposium</i>, 2025.'
  ieee: 'S. N. Hebrok, T. L. Storm, F. M. Cramer, M. M. Radoy, and J. Somorovsky,
    “STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using
    Session Tickets,” 2025.'
  mla: 'Hebrok, Sven Niclas, et al. “STEK Sharing Is Not Caring: Bypassing TLS Authentication
    in Web Servers Using Session Tickets.” <i>34th USENIX Security Symposium</i>,
    2025.'
  short: 'S.N. Hebrok, T.L. Storm, F.M. Cramer, M.M. Radoy, J. Somorovsky, in: 34th
    USENIX Security Symposium, 2025.'
date_created: 2025-08-21T13:43:47Z
date_updated: 2025-09-29T13:46:49Z
ddc:
- '000'
department:
- _id: '632'
file:
- access_level: open_access
  content_type: application/pdf
  creator: snhebrok
  date_created: 2025-09-29T13:41:18Z
  date_updated: 2025-09-29T13:46:49Z
  file_id: '61465'
  file_name: paper.pdf
  file_size: 333869
  relation: main_file
- access_level: open_access
  content_type: application/pdf
  creator: snhebrok
  date_created: 2025-09-29T13:41:27Z
  date_updated: 2025-09-29T13:46:49Z
  file_id: '61466'
  file_name: ae.pdf
  file_size: 162464
  relation: supplementary_material
- access_level: open_access
  content_type: application/pdf
  creator: snhebrok
  date_created: 2025-09-29T13:41:41Z
  date_updated: 2025-09-29T13:46:49Z
  file_id: '61467'
  file_name: poster.pdf
  file_size: 535577
  relation: poster
- access_level: open_access
  content_type: application/pdf
  creator: snhebrok
  date_created: 2025-09-29T13:42:04Z
  date_updated: 2025-09-29T13:46:49Z
  file_id: '61468'
  file_name: slides.pdf
  file_size: 3057223
  relation: slides
file_date_updated: 2025-09-29T13:46:49Z
has_accepted_license: '1'
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://www.usenix.org/conference/usenixsecurity25/presentation/hebrok
oa: '1'
publication: 34th USENIX Security Symposium
status: public
title: 'STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using
  Session Tickets'
type: conference
user_id: '55616'
year: '2025'
...