Session Resumption
Session Resumption
Using SessionTickets for fast reconnect
To avoid the network cost of a full handshake when a client reconnects, KSP supports ticket-based session resumption, similar to TLS 1.3.
The SessionTicket
At session establishment, the server generates a SessionTicket containing the encrypted state of the session. The state is encrypted using a server-side Master Ticket Encryption Key (MTEK) known only to the server clusters.
SessionTicket Payload (Encrypted by Server):
- Session ID (16 bytes)
- Negotiated Cipher Suite (2 bytes)
- Master Secret (32 bytes)
- Expiration Timestamp (8 bytes)
- Identity verification (e.g. Client User ID)
Resumption Handshake Flow
- The client sends the ticket in a
SessionResumepacket instead of a normalClientHello. - The server decrypts the ticket using its MTEK, validating expiration and authenticity.
- If valid, the server bypasses Certificate exchange and Authentication, restoring session keys immediately.
- A fresh ephemeral key exchange (ECDHE) is still executed within the resumption flow to preserve Forward Secrecy.