Session Resumption
DocsImplementation GuideSession Resumption

Session Resumption

Using SessionTickets for fast reconnect

To avoid the network cost of a full handshake when a client reconnects, KSP supports ticket-based session resumption, similar to TLS 1.3.

The SessionTicket

At session establishment, the server generates a SessionTicket containing the encrypted state of the session. The state is encrypted using a server-side Master Ticket Encryption Key (MTEK) known only to the server clusters.

SessionTicket Payload (Encrypted by Server): - Session ID (16 bytes) - Negotiated Cipher Suite (2 bytes) - Master Secret (32 bytes) - Expiration Timestamp (8 bytes) - Identity verification (e.g. Client User ID)

Resumption Handshake Flow

  1. The client sends the ticket in a SessionResume packet instead of a normal ClientHello.
  2. The server decrypts the ticket using its MTEK, validating expiration and authenticity.
  3. If valid, the server bypasses Certificate exchange and Authentication, restoring session keys immediately.
  4. A fresh ephemeral key exchange (ECDHE) is still executed within the resumption flow to preserve Forward Secrecy.