{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,4]],"date-time":"2025-07-04T05:39:54Z","timestamp":1751607594163,"version":"3.40.3"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031708954"},{"type":"electronic","value":"9783031708961"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-70896-1_16","type":"book-chapter","created":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T12:03:57Z","timestamp":1725537837000},"page":"320-340","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["In Search of\u00a0Partitioning Oracle Attacks Against TLS Session Tickets"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-3059-6823","authenticated-orcid":false,"given":"Maximilian","family":"Radoy","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-1172-1665","authenticated-orcid":false,"given":"Sven","family":"Hebrok","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3593-7720","authenticated-orcid":false,"given":"Juraj","family":"Somorovsky","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,9,6]]},"reference":[{"key":"16_CR1","unstructured":"Shadowsocks. https:\/\/shadowsocks.org\/"},{"key":"16_CR2","unstructured":"TLS-Attacker. https:\/\/github.com\/tls-attacker\/TLS-Attacker"},{"key":"16_CR3","unstructured":"TLS-Scanner. https:\/\/github.com\/tls-attacker\/TLS-Scanner"},{"key":"16_CR4","unstructured":"Albertini, A., Duong, T., Gueron, S., K\u00f6lbl, S., Luykx, A., Schmieg, S.: How to abuse and fix authenticated encryption without key commitment. In: Butler, K.R.B., Thomas, K. (eds.) USENIX Security 2022: 31st USENIX Security Symposium, Boston, MA, USA,\u00a010\u201312 August 2022, pp. 3291\u20133308. USENIX Association (2022)"},{"key":"16_CR5","doi-asserted-by":"publisher","unstructured":"Arfaoui, G., Bultel, X., Fouque, P.A., Nedelcu, A., Onete, C.: The privacy of the TLS 1.3 protocol. Proc. Priv. Enhanc. Technol. 2019(4), 190\u2013210 (2019). https:\/\/doi.org\/10.2478\/popets-2019-0065","DOI":"10.2478\/popets-2019-0065"},{"key":"16_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1007\/978-3-030-92548-2_3","volume-title":"Cryptology and Network Security","author":"M Armour","year":"2021","unstructured":"Armour, M., Cid, C.: Partition oracles from\u00a0weak key forgeries. In: Conti, M., Stevens, M., Krenn, S. (eds.) CANS 2021. LNCS, vol. 13099, pp. 42\u201362. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92548-2_3"},{"key":"16_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"845","DOI":"10.1007\/978-3-031-07085-3_29","volume-title":"Advances in Cryptology - EUROCRYPT 2022, Part II","author":"M Bellare","year":"2022","unstructured":"Bellare, M., Hoang, V.T.: Efficient schemes for committing authenticated encryption. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022, Part II. Lecture Notes in Computer Science, vol. 13276, pp. 845\u2013875. Springer, Heidelberg (2022). https:\/\/doi.org\/10.1007\/978-3-031-07085-3_29"},{"key":"16_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1007\/11502760_3","volume-title":"Fast Software Encryption","author":"DJ Bernstein","year":"2005","unstructured":"Bernstein, D.J.: The Poly1305-AES message-authentication code. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 32\u201349. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11502760_3"},{"key":"16_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-32101-7_1","volume-title":"Financial Cryptography and Data Security","author":"J Breitner","year":"2019","unstructured":"Breitner, J., Heninger, N.: Biased nonce sense: lattice attacks against weak ECDSA signatures in cryptocurrencies. In: Goldberg, I., Moore, T. (eds.) FC 2019. LNCS, vol. 11598, pp. 3\u201320. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-32101-7_1"},{"key":"16_CR10","doi-asserted-by":"publisher","unstructured":"Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard), August 2008. https:\/\/doi.org\/10.17487\/RFC5246. https:\/\/www.rfc-editor.org\/rfc\/rfc5246.txt, obsoleted by RFC 8446, updated by RFCs 5746, 5878, 6176, 7465, 7507, 7568, 7627, 7685, 7905, 7919, 8447, 9155","DOI":"10.17487\/RFC5246"},{"key":"16_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"155","DOI":"10.1007\/978-3-319-96884-1_6","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"Y Dodis","year":"2018","unstructured":"Dodis, Y., Grubbs, P., Ristenpart, T., Woodage, J.: Fast message franking: from invisible salamanders to encryptment. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part I. LNCS, vol. 10991, pp. 155\u2013186. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96884-1_6"},{"key":"16_CR12","doi-asserted-by":"publisher","unstructured":"Durumeric, Z., et al.: The matter of heartbleed. In: Proceedings of the 2014 Internet Measurement Conference, IMC, pp. 475\u2013488. ACM (2014). https:\/\/doi.org\/10.1145\/2663716.2663755","DOI":"10.1145\/2663716.2663755"},{"key":"16_CR13","unstructured":"Durumeric, Z., Wustrow, E., Halderman, J.A.: ZMap: fast internet-wide scanning and its security applications. In: USENIX Security Symposium, pp. 605\u2013620. USENIX Association (2013)"},{"key":"16_CR14","doi-asserted-by":"publisher","unstructured":"Dworkin, M.: Recommendation for block cipher modes of operation: Galois\/Counter Mode (GCM) and GMAC. Technical report. NIST Special Publication (SP) 800-38D, National Institute of Standards and Technology, November 2007. https:\/\/doi.org\/10.6028\/NIST.SP.800-38D","DOI":"10.6028\/NIST.SP.800-38D"},{"key":"16_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1007\/978-3-319-63697-9_3","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"P Grubbs","year":"2017","unstructured":"Grubbs, P., Lu, J., Ristenpart, T.: Message franking via committing authenticated encryption. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part III. LNCS, vol. 10403, pp. 66\u201397. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63697-9_3"},{"key":"16_CR16","unstructured":"Hebrok, S., et al.: We really need to talk about session tickets: A large-scale analysis of cryptographic dangers with TLS session tickets. In: USENIX Security Symposium, pp. 4877\u20134894. USENIX Association (2023)"},{"key":"16_CR17","unstructured":"Heninger, N., Durumeric, Z., Wustrow, E., Halderman, J.A.: Mining your Ps and Qs: Detection of widespread weak keys in network devices. In: Kohno, T. (ed.) USENIX Security 2012: 21st USENIX Security Symposium, Bellevue, WA, USA,\u00a08\u201310 August 2012, pp. 205\u2013220. USENIX Association (2012)"},{"key":"16_CR18","unstructured":"Hughes, J.P.: BadRandom: the effect and mitigations for low entropy random numbers in TLS. Ph.D. thesis, University of California, Santa Cruz, USA (2021)"},{"key":"16_CR19","unstructured":"ITU-T: ASN.1 encoding rules: specification of basic encoding rules (BER), canonical encoding rules (CER) and distinguished encoding rules (DER), Technical report, ITU (2019)"},{"key":"16_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"456","DOI":"10.1007\/978-3-319-78372-7_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"S Jarecki","year":"2018","unstructured":"Jarecki, S., Krawczyk, H., Xu, J.: OPAQUE: An asymmetric PAKE protocol secure against pre-computation attacks. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part III. LNCS, vol. 10822, pp. 456\u2013486. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_15"},{"key":"16_CR21","doi-asserted-by":"crossref","unstructured":"Le Pochat, V., van Goethem, T., Tajalizadehkhoob, S., Korczynski, M., Joosen, W.: Tranco: A research-oriented top sites ranking hardened against manipulation. In: ISOC Network and Distributed System Security Symposium \u2013 NDSS\u00a02019, San Diego, CA, USA,\u00a024\u201327 February 2019. The Internet Society (2019)","DOI":"10.14722\/ndss.2019.23386"},{"key":"16_CR22","unstructured":"Len, J., Grubbs, P., Ristenpart, T.: Partitioning oracle attacks. Cryptology ePrint Archive, Report 2020\/1491 (2020). https:\/\/eprint.iacr.org\/2020\/1491"},{"key":"16_CR23","unstructured":"Len, J., Grubbs, P., Ristenpart, T.: Partitioning oracle attacks. In: Bailey, M., Greenstadt, R. (eds.) USENIX Security 2021: 30th USENIX Security Symposium,\u00a011\u201313 August 2021, pp. 195\u2013212. USENIX Association (2021)"},{"key":"16_CR24","unstructured":"McGrew, D.A., Viega, J.: The Galois\/Counter Mode of Operation (GCM), May 2005"},{"key":"16_CR25","unstructured":"Merget, R., et al.: Scalable scanning and automatic classification of TLS padding oracle vulnerabilities. In: Heninger, N., Traynor, P. (eds.) USENIX Security 2019: 28th USENIX Security Symposium, Santa Clara, CA, USA,\u00a014\u201316 August 2019, pp. 1029\u20131046. USENIX Association (2019)"},{"key":"16_CR26","doi-asserted-by":"publisher","unstructured":"Nir, Y., Langley, A.: ChaCha20 and Poly1305 for IETF Protocols. RFC 7539 (Informational), May 2015. https:\/\/doi.org\/10.17487\/RFC7539. https:\/\/www.rfc-editor.org\/rfc\/rfc7539.txt, obsoleted by RFC 8439","DOI":"10.17487\/RFC7539"},{"key":"16_CR27","doi-asserted-by":"publisher","unstructured":"Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446 (Proposed Standard), August 2018. https:\/\/doi.org\/10.17487\/RFC8446. https:\/\/www.rfc-editor.org\/rfc\/rfc8446.txt","DOI":"10.17487\/RFC8446"},{"key":"16_CR28","doi-asserted-by":"publisher","unstructured":"Salowey, J., Zhou, H., Eronen, P., Tschofenig, H.: Transport Layer Security (TLS) Session Resumption without Server-Side State. RFC 5077 (Proposed Standard), January 2008. https:\/\/doi.org\/10.17487\/RFC5077. https:\/\/www.rfc-editor.org\/rfc\/rfc5077.txt, obsoleted by RFC 8446, updated by RFC 8447","DOI":"10.17487\/RFC5077"},{"key":"16_CR29","doi-asserted-by":"publisher","unstructured":"Somorovsky, J.: Systematic fuzzing and testing of TLS libraries. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016: 23rd Conference on Computer and Communications Security, Vienna, Austria,\u00a024\u201328 October 2016, pp. 1492\u20131504. ACM Press (2016). https:\/\/doi.org\/10.1145\/2976749.2978411","DOI":"10.1145\/2976749.2978411"},{"key":"16_CR30","doi-asserted-by":"crossref","unstructured":"Springall, D., Durumeric, Z., Halderman, J.A.: Measuring the security harm of TLS crypto shortcuts. In: Internet Measurement Conference, pp. 33\u201347. ACM (2016)","DOI":"10.1145\/2987443.2987480"},{"key":"16_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"644","DOI":"10.1007\/978-3-662-49890-3_25","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"F Strenzke","year":"2016","unstructured":"Strenzke, F.: An analysis of OpenSSL\u2019s random number generator. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part I. LNCS, vol. 9665, pp. 644\u2013669. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49890-3_25"},{"key":"16_CR32","doi-asserted-by":"crossref","unstructured":"Sy, E., Burkert, C., Federrath, H., Fischer, M.: Tracking users across the web via TLS session resumption. In: ACSAC, pp. 289\u2013299. ACM (2018)","DOI":"10.1145\/3274694.3274708"},{"key":"16_CR33","unstructured":"Taubert, T.: Botching forward secrecy - the sad state of server-side TLS session resumption implementations, November 2014. https:\/\/timtaubert.de\/blog\/2014\/11\/the-sad-state-of-server-side-tls-session-resumption-implementations\/"},{"key":"16_CR34","unstructured":"Tordsson, P.: Partitioning oracle attacks against variants of AES-GCM and ChaCha20-Poly1305 (2021)"},{"key":"16_CR35","unstructured":"Valsorda, F.: Ticketbleed (CVE-2016-9244), February 2017. https:\/\/filippo.io\/ticketbleed\/"},{"key":"16_CR36","unstructured":"Valsorda, F.: We need to talk about session tickets, September 2017. https:\/\/blog.filippo.io\/we-need-to-talk-about-session-tickets"},{"key":"16_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"534","DOI":"10.1007\/3-540-46035-7_35","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2002","author":"S Vaudenay","year":"2002","unstructured":"Vaudenay, S.: Security flaws induced by CBC padding \u2014 applications to SSL, IPSEC, WTLS... In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 534\u2013545. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-46035-7_35"},{"key":"16_CR38","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1016\/0022-0000(81)90033-7","volume":"22","author":"MN Wegman","year":"1981","unstructured":"Wegman, M.N., Carter, L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22, 265\u2013279 (1981)","journal-title":"J. Comput. Syst. Sci."}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-70896-1_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T12:08:52Z","timestamp":1725538132000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-70896-1_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031708954","9783031708961"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-70896-1_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"6 September 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclosure of Interests"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bydgoszcz","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 September 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 September 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2024.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}