{"id":"https://openalex.org/W2951215606","doi":"https://doi.org/10.1007/s00145-021-09385-0","title":"Session Resumption Protocols and Efficient Forward Security for TLS 1.3 0-RTT","display_name":"Session Resumption Protocols and Efficient Forward Security for TLS 1.3 0-RTT","publication_year":2021,"publication_date":"2021-05-18","ids":{"openalex":"https://openalex.org/W2951215606","doi":"https://doi.org/10.1007/s00145-021-09385-0","mag":"2951215606"},"language":"en","primary_location":{"id":"doi:10.1007/s00145-021-09385-0","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s00145-021-09385-0","pdf_url":"https://link.springer.com/content/pdf/10.1007/s00145-021-09385-0.pdf","source":{"id":"https://openalex.org/S190936789","display_name":"Journal of Cryptology","issn_l":"0933-2790","issn":["0933-2790","1432-1378"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cryptology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s00145-021-09385-0.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5086944898","display_name":"Nimrod Aviram","orcid":null},"institutions":[{"id":"https://openalex.org/I16391192","display_name":"Tel Aviv University","ror":"https://ror.org/04mhzgx49","country_code":"IL","type":"education","lineage":["https://openalex.org/I16391192"]}],"countries":["IL"],"is_corresponding":true,"raw_author_name":"Nimrod Aviram","raw_affiliation_strings":["Tel Aviv University, Tel Aviv, Israel"],"affiliations":[{"raw_affiliation_string":"Tel Aviv University, Tel Aviv, Israel","institution_ids":["https://openalex.org/I16391192"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041890370","display_name":"Kai Gellert","orcid":"https://orcid.org/0000-0003-0985-7265"},"institutions":[{"id":"https://openalex.org/I167360494","display_name":"University of Wuppertal","ror":"https://ror.org/00613ak93","country_code":"DE","type":"education","lineage":["https://openalex.org/I167360494"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Kai Gellert","raw_affiliation_strings":["Bergische Universit\u00e4t Wuppertal, Wuppertal, Germany"],"affiliations":[{"raw_affiliation_string":"Bergische Universit\u00e4t Wuppertal, Wuppertal, Germany","institution_ids":["https://openalex.org/I167360494"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5090157645","display_name":"Tibor Jager","orcid":"https://orcid.org/0000-0002-3205-7699"},"institutions":[{"id":"https://openalex.org/I167360494","display_name":"University of Wuppertal","ror":"https://ror.org/00613ak93","country_code":"DE","type":"education","lineage":["https://openalex.org/I167360494"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Tibor Jager","raw_affiliation_strings":["Bergische Universit\u00e4t Wuppertal, Wuppertal, Germany"],"affiliations":[{"raw_affiliation_string":"Bergische Universit\u00e4t Wuppertal, Wuppertal, Germany","institution_ids":["https://openalex.org/I167360494"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5086944898"],"corresponding_institution_ids":["https://openalex.org/I16391192"],"apc_list":{"value":2290,"currency":"EUR","value_usd":2890},"apc_paid":{"value":2290,"currency":"EUR","value_usd":2890},"fwci":1.8199,"has_fulltext":true,"cited_by_count":20,"citation_normalized_percentile":{"value":0.87389435,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"34","issue":"3","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9972000122070312,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8461475372314453},{"id":"https://openalex.org/keywords/session","display_name":"Session (web analytics)","score":0.8432108163833618},{"id":"https://openalex.org/keywords/handshake","display_name":"Handshake","score":0.6501168012619019},{"id":"https://openalex.org/keywords/replay-attack","display_name":"Replay attack","score":0.624340295791626},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.5705474615097046},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.5473655462265015},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5346222519874573},{"id":"https://openalex.org/keywords/session-key","display_name":"Session key","score":0.5121843814849854},{"id":"https://openalex.org/keywords/transport-layer-security","display_name":"Transport Layer Security","score":0.45338428020477295},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.4181951880455017},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.3087098002433777},{"id":"https://openalex.org/keywords/asynchronous-communication","display_name":"Asynchronous communication","score":0.12822023034095764},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.07862362265586853}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8461475372314453},{"id":"https://openalex.org/C2779182362","wikidata":"https://www.wikidata.org/wiki/Q17126187","display_name":"Session (web analytics)","level":2,"score":0.8432108163833618},{"id":"https://openalex.org/C2778000800","wikidata":"https://www.wikidata.org/wiki/Q830043","display_name":"Handshake","level":3,"score":0.6501168012619019},{"id":"https://openalex.org/C11560541","wikidata":"https://www.wikidata.org/wiki/Q1756025","display_name":"Replay attack","level":3,"score":0.624340295791626},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.5705474615097046},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.5473655462265015},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5346222519874573},{"id":"https://openalex.org/C191197275","wikidata":"https://www.wikidata.org/wiki/Q1755775","display_name":"Session key","level":3,"score":0.5121843814849854},{"id":"https://openalex.org/C148176105","wikidata":"https://www.wikidata.org/wiki/Q206494","display_name":"Transport Layer Security","level":3,"score":0.45338428020477295},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.4181951880455017},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.3087098002433777},{"id":"https://openalex.org/C151319957","wikidata":"https://www.wikidata.org/wiki/Q752739","display_name":"Asynchronous communication","level":2,"score":0.12822023034095764},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.07862362265586853}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/s00145-021-09385-0","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s00145-021-09385-0","pdf_url":"https://link.springer.com/content/pdf/10.1007/s00145-021-09385-0.pdf","source":{"id":"https://openalex.org/S190936789","display_name":"Journal of Cryptology","issn_l":"0933-2790","issn":["0933-2790","1432-1378"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cryptology","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1007/s00145-021-09385-0","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s00145-021-09385-0","pdf_url":"https://link.springer.com/content/pdf/10.1007/s00145-021-09385-0.pdf","source":{"id":"https://openalex.org/S190936789","display_name":"Journal of Cryptology","issn_l":"0933-2790","issn":["0933-2790","1432-1378"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cryptology","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2406128221","display_name":"Theoretically-Sound Real-World Cryptography","funder_award_id":"802823","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G3350584863","display_name":null,"funder_award_id":"JA 2445/2-1","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"},{"id":"https://openalex.org/G4956428346","display_name":null,"funder_award_id":"Horizon 2020 research and innovatio","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5036817778","display_name":null,"funder_award_id":"European Union's Horizon 2020 research and innov","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G6052429835","display_name":null,"funder_award_id":"(DFG)","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"},{"id":"https://openalex.org/G794955070","display_name":null,"funder_award_id":"2445/2-1","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"},{"id":"https://openalex.org/G8318064016","display_name":null,"funder_award_id":"Horizon","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G8633428685","display_name":null,"funder_award_id":"European Union's Horizon 2020 research and innovat","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320313454","display_name":"Bergische Universit\u00e4t Wuppertal","ror":"https://ror.org/00613ak93"},{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320320879","display_name":"Deutsche Forschungsgemeinschaft","ror":"https://ror.org/018mejw64"},{"id":"https://openalex.org/F4320337179","display_name":"Check Point Institute for Information Security, Tel Aviv University","ror":null},{"id":"https://openalex.org/F4320337313","display_name":"Yitzhak and Chaya Weinstein Research Institute for Signal Processing, Tel Aviv University","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2951215606.pdf","grobid_xml":"https://content.openalex.org/works/W2951215606.grobid-xml"},"referenced_works_count":41,"referenced_works":["https://openalex.org/W75729132","https://openalex.org/W1512498994","https://openalex.org/W1554247779","https://openalex.org/W1568885723","https://openalex.org/W1589205472","https://openalex.org/W1607188293","https://openalex.org/W1656678770","https://openalex.org/W1963071371","https://openalex.org/W1984153141","https://openalex.org/W1993060580","https://openalex.org/W1996182770","https://openalex.org/W2027528470","https://openalex.org/W2052267638","https://openalex.org/W2085759780","https://openalex.org/W2087115651","https://openalex.org/W2092279637","https://openalex.org/W2107506969","https://openalex.org/W2109767152","https://openalex.org/W2117362057","https://openalex.org/W2131300413","https://openalex.org/W2135632979","https://openalex.org/W2153041122","https://openalex.org/W2158246155","https://openalex.org/W2164090669","https://openalex.org/W2165549155","https://openalex.org/W2270478131","https://openalex.org/W2513374167","https://openalex.org/W2556675027","https://openalex.org/W2601396684","https://openalex.org/W2621530037","https://openalex.org/W2684257313","https://openalex.org/W2733667569","https://openalex.org/W2794987877","https://openalex.org/W2883305949","https://openalex.org/W2915352631","https://openalex.org/W2935452154","https://openalex.org/W3029881607","https://openalex.org/W3046578658","https://openalex.org/W3080846549","https://openalex.org/W3083633640","https://openalex.org/W3168670086"],"related_works":["https://openalex.org/W4296873577","https://openalex.org/W4295681914","https://openalex.org/W4313064690","https://openalex.org/W2503991861","https://openalex.org/W2516734788","https://openalex.org/W2612638001","https://openalex.org/W2347296673","https://openalex.org/W1971902782","https://openalex.org/W4319159013","https://openalex.org/W2270926261"],"abstract_inverted_index":{"Abstract":[0],"The":[1,50,64,82,228,324],"TLS":[2,153,183,226],"1.3":[3,154,184],"0-RTT":[4,155,203],"mode":[5],"enables":[6],"a":[7,11,27,76,125,175,253,261,283,328,334,340,351,359],"client":[8],"reconnecting":[9],"to":[10,13,36,53,95,98,165,239,355,358],"server":[12,35,250],"send":[14],"encrypted":[15],"application-layer":[16],"data":[17],"in":[18,152,225,260,278,312],"\u201c0-RTT\u201d":[19],"(\u201czero":[20],"round-trip":[21],"time\u201d),":[22],"without":[23,161],"the":[24,34,38,46,168,191,202,234,248,301,347],"need":[25],"for":[26,198,217,219,243,314,370],"prior":[28],"interactive":[29],"handshake.":[30],"This":[31,189],"fundamentally":[32],"requires":[33,75,84],"reconstruct":[37],"previous":[39],"session\u2019s":[40],"encryption":[41],"secrets":[42],"upon":[43],"receipt":[44],"of":[45,79,178,211,255,296,303,343,353,377],"client\u2019s":[47],"first":[48,105,192,229],"message.":[49],"standard":[51,240,329,360],"techniques":[52],"achieve":[54],"this":[55,102,171,345],"are":[56,214,270,322],"session":[57,61,108,118,121,223,241,286,361],"caches":[58,119],"or,":[59],"alternatively,":[60],"tickets":[62,378],".":[63],"former":[65],"provides":[66,88,131],"forward":[67,90,132,196],"security":[68,91,133,197,309],"and":[69,92,120,134,156,185,221,267,373],"resistance":[70],"against":[71],"replay":[72,99,135],"attacks,":[73],"but":[74,87],"large":[77],"amount":[78,302],"server-side":[80],"storage.":[81],"latter":[83],"negligible":[85],"storage,":[86,297],"no":[89],"is":[93,231,368],"known":[94],"be":[96,150,289],"vulnerable":[97],"attacks.":[100],"In":[101],"paper,":[103],"we":[104,173],"formally":[106],"define":[107],"resumption":[109,224],"protocols":[110],"as":[111],"an":[112,279],"abstract":[113],"perspective":[114],"on":[115,138,233,272],"mechanisms":[116],"like":[117],"tickets.":[122],"We":[123,143,205],"give":[124],"new":[126,180,209,335],"generic":[127,176],"construction":[128,147,181,193,230,326],"that":[129,145,194,264],"provably":[130],"resilience,":[136],"based":[137,232],"puncturable":[139],"pseudorandom":[140],"functions":[141],"(PPRFs).":[142],"show":[144],"our":[146,179],"can":[148,288,374],"immediately":[149],"used":[151],"deployed":[157],"unilaterally":[158],"by":[159,252,350],"servers,":[160],"requiring":[162],"any":[163],"changes":[164],"clients":[166],"or":[167,311],"protocol.":[169],"To":[170],"end,":[172],"present":[174],"composition":[177],"with":[182,291,333],"prove":[186],"its":[187],"security.":[188],"yields":[190],"achieves":[195],"all":[199],"messages,":[200],"including":[201],"data.":[204],"then":[206],"describe":[207],"two":[208],"constructions":[210],"PPRFs,":[212],"which":[213,298],"particularly":[215],"suitable":[216,369],"use":[218],"forward-secure":[220],"replay-resilient":[222],"1.3.":[227],"strong":[235],"RSA":[236,280],"assumption.":[237],"Compared":[238],"caches,":[242],"\u201c128-bit":[244],"security\u201d":[245],"it":[246],"reduces":[247,300,346],"required":[249,348],"storage":[251,320,349],"factor":[254,352],"almost":[256],"20,":[257],"when":[258],"instantiated":[259],"way":[262],"such":[263],"key":[265],"derivation":[266],"puncturing":[268],"together":[269],"cheaper":[271],"average":[273],"than":[274],"one":[275],"full":[276],"exponentiation":[277],"group.":[281],"Hence,":[282],"1":[284],"GB":[285],"cache":[287],"replaced":[290],"only":[292,365],"about":[293],"51":[294],"MBs":[295],"significantly":[299],"secure":[304],"memory":[305],"required.":[306],"For":[307,339],"larger":[308,319],"parameters":[310],"exchange":[313],"more":[315],"expensive":[316],"computations,":[317],"even":[318],"reductions":[321],"achieved.":[323],"second":[325],"combines":[327],"binary":[330],"tree":[331],"PPRF":[332],"\u201cdomain":[336],"extension\u201d":[337],"technique.":[338],"reasonable":[341],"choice":[342],"parameters,":[344],"up":[354],"5":[356],"compared":[357],"cache.":[362],"It":[363],"employs":[364],"symmetric":[366],"cryptography,":[367],"high-traffic":[371],"scenarios,":[372],"serve":[375],"thousands":[376],"per":[379],"second.":[380]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2}],"updated_date":"2026-04-13T07:58:08.660418","created_date":"2025-10-10T00:00:00"}