What is TLS session resumption, and what is 0-RTT?
Quick Answer
Session resumption lets a client and server skip the expensive parts of a full handshake when reconnecting, by reusing keying material from a previous connection. TLS 1.3's version of this is called a PSK (pre-shared key) resumption, and it can optionally use 0-RTT, where the client sends encrypted application data in its very first flight, with zero round trips of waiting. The trade-off: 0-RTT data can be replayed by an attacker, so it's only safe for requests that are safe to repeat.
Detailed Answer
Running a full handshake for every single connection is wasteful if a client has already talked to a server recently. Session resumption reuses previous keying material to skip the expensive parts.
First connection: full 1-RTT handshake, server issues a session ticket
Later connection: Client sends: ClientHello + session ticket + 0-RTT data
------------------------------------------------->
Server recognizes ticket, derives keys instantly,
and can decrypt that 0-RTT data right away
<-------------------------------------------------
In TLS 1.3, resumption works through a pre-shared key (PSK), derived from an earlier session. On the follow-up connection, both sides already agree on a starting secret, so the expensive public-key math can be skipped.
0-RTT takes this further: the client can send actual encrypted application data (like an HTTP GET request) in the very first message, before the server has even replied. This removes the wait entirely for that data.
The catch: 0-RTT data has no protection against replay attacks. A network attacker could capture that first flight and resend it, and the server would process it again, since a resumed session's key material is reused. For this reason:
- 0-RTT is only considered safe for idempotent requests, like a
GETfor a public page, safe to run more than once. - It should never be used for anything that changes state, like a
POSTto make a payment or submit a form, unless the application adds its own replay protection.