QUIC Zero RTT Resumption

How a returning client sends data with no handshake delay.

The Goal

A fresh secure connection normally costs at least one round trip before any application data can flow. Zero RTT lets a client that has talked to a server before send data in its very first packet.

How Resumption Works

After a first connection, the server gives the client a ticket and the parameters needed to derive keys again.

  • On return, the client uses the stored secret to encrypt early data.
  • It sends the request alongside the handshake start.
  • The server can act on that early data immediately.

This saves a full round trip, which matters most on high-latency mobile links.

The Replay Danger

Zero RTT data is not protected against replay. An attacker who captures the early packets can resend them, and the server might process the request twice.

  • Only idempotent actions are safe to send as zero RTT.
  • A read like fetching a page is fine to repeat.
  • A write like placing an order must wait for the full handshake.

Guarding The Boundary

Servers limit what early data may do, and under load they may reject zero RTT entirely, forcing the safe one-round-trip path.
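
The boundary described above, as an added example that is not part of the original lesson: a server-side gate that serves replayable reads from early data, holds writes until the handshake completes, and refuses zero RTT under load. The class, method names, return strings and the 0.8 load threshold are hypothetical.

```python
from dataclasses import dataclass

# Assumption: the application treats these methods as read-only, so repeating them is harmless.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

@dataclass(frozen=True)
class Request:
    method: str
    path: str

class EarlyDataGate:
    """Hypothetical policy for requests that arrive as zero RTT early data."""

    def __init__(self, max_load=0.8):
        self.max_load = max_load  # constructed threshold, not a QUIC constant
        self.orders = []          # state changed by writes
        self.page_hits = 0

    def handle(self, req, early, load=0.0):
        if early and load > self.max_load:
            return "reject-0rtt"          # client falls back to the one-round-trip path
        if early and req.method not in SAFE_METHODS:
            return "wait-for-handshake"   # write is held, nothing is applied yet
        return self._apply(req)

    def _apply(self, req):
        if req.method == "POST" and req.path == "/order":
            self.orders.append(req)
            return "order-placed"
        self.page_hits += 1
        return "page-served"

def replay_demo():
    """Deliver each constructed early request twice, as a replay would."""
    gate = EarlyDataGate()
    read = Request("GET", "/page")
    write = Request("POST", "/order")
    # First delivery is the client's own packet, second is the replayed copy.
    results = [gate.handle(r, early=True) for r in (read, read, write, write)]
    # After the full handshake the write is processed exactly once.
    results.append(gate.handle(write, early=False))
    return results, len(gate.orders), gate.page_hits

if __name__ == "__main__":
    print(replay_demo())
```
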

Key idea

Zero RTT lets a returning client send encrypted early data in its first packet to save a round trip, but because early data can be replayed it is safe only for idempotent requests.

Check yourself

1. What makes zero RTT faster than a normal handshake?

2. Why is zero RTT unsafe for non-idempotent requests?

3. What may a server do under load instead of accepting zero RTT?