This month's results are a bit more interesting: a significant fall in RC4
support (10%), SHA-1 certificates below 50% of market share.

Detailed analysis on my blog:
https://securitypitfalls.wordpress.com/2015/03/29/march-2015-scan-results/

SSL/TLS survey of 490866 websites from Alexa's top 1 million

Stats only from connections that did provide valid certificates (or anonymous
DH from servers that do also have valid certificate installed)

Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      407148    82.9448
3DES Only                 780       0.1589
AES                       473911    96.5459
AES Only                  10460     2.1309
AES-CBC Only              4648      0.9469
AES-GCM                   296424    60.388
AES-GCM Only              18        0.0037
CAMELLIA                  207419    42.2557
CAMELLIA Only             1         0.0002
CHACHA20                  60469     12.3188
CHACHA20 Only             1         0.0002
Insecure                  85180     17.353
RC4                       320737    65.3411
RC4 Only                  2912      0.5932
RC4 Preferred             53442     10.8873
RC4 forced in TLS1.1+     32201     6.56
x:FF 29 RC4 Only          472       0.0962
x:FF 29 RC4 Preferred     58536     11.925
x:FF 29 incompatible      132       0.0269
y:DHE-RSA-SEED-SHA        108308    22.0647
y:IDEA-CBC-MD5            2768      0.5639
y:IDEA-CBC-SHA            87595     17.845
y:SEED-SHA                105451    21.4826
z:ADH-AES128-GCM-SHA256   422       0.086
z:ADH-AES128-SHA          1103      0.2247
z:ADH-AES128-SHA256       311       0.0634
z:ADH-AES256-GCM-SHA384   433       0.0882
z:ADH-AES256-SHA          1109      0.2259
z:ADH-AES256-SHA256       314       0.064
z:ADH-CAMELLIA128-SHA     560       0.1141
z:ADH-CAMELLIA256-SHA     569       0.1159
z:ADH-DES-CBC-SHA         379       0.0772
z:ADH-DES-CBC3-SHA        1130      0.2302
z:ADH-RC4-MD5             884       0.1801
z:ADH-SEED-SHA            394       0.0803
z:AECDH-AES128-SHA        14471     2.9481
z:AECDH-AES256-SHA        14474     2.9487
z:AECDH-DES-CBC3-SHA      14430     2.9397
z:AECDH-NULL-SHA          29        0.0059
z:AECDH-RC4-SHA           13672     2.7853
z:DES-CBC-MD5             17518     3.5688
z:DES-CBC-SHA             47111     9.5975
z:DES-CBC3-MD5            32625     6.6464
z:ECDHE-RSA-NULL-SHA      35        0.0071
z:EDH-RSA-DES-CBC-SHA     40234     8.1965
z:EXP-ADH-DES-CBC-SHA     303       0.0617
z:EXP-ADH-RC4-MD5         305       0.0621
z:EXP-DES-CBC-SHA         29855     6.0821
z:EXP-EDH-RSA-DES-CBC-SHA 22110     4.5043
z:EXP-RC2-CBC-MD5         34449     7.018
z:EXP-RC4-MD5             37185     7.5754
z:EXP1024-DES-CBC-SHA     8663      1.7648
z:EXP1024-RC4-SHA         8830      1.7989
z:NULL-MD5                278       0.0566
z:NULL-SHA                280       0.057
z:NULL-SHA256             11        0.0022
z:RC2-CBC-MD5             17890     3.6446
z:RC4-64-MD5              1436      0.2925

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               139786    28.4774
Server side               351080    71.5226

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1266      0.2579
AECDH                     14497     2.9534
DHE                       268821    54.7646
ECDHE                     320467    65.286
ECDHE and DHE             168193    34.2645
RSA                       456968    93.0942

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,512bits                22192     4.521    8.2553
DH,768bits                763       0.1554   0.2838
DH,1024bits               223064    45.443   82.9786
DH,1536bits               1         0.0002   0.0004
DH,2048bits               42555     8.6694   15.8302
DH,2226bits               1         0.0002   0.0004
DH,2236bits               2         0.0004   0.0007
DH,3072bits               19        0.0039   0.0071
DH,3248bits               2         0.0004   0.0007
DH,4096bits               2364      0.4816   0.8794
DH,8192bits               1         0.0002   0.0004
ECDH,B-163,163bits        7         0.0014   0.0022
ECDH,K-163,163bits        1         0.0002   0.0003
ECDH,P-224,224bits        50        0.0102   0.0156
ECDH,P-256,256bits        313819    63.9317  97.9255
ECDH,P-384,384bits        3463      0.7055   1.0806
ECDH,B-409,409bits        1         0.0002   0.0003
ECDH,P-521,521bits        4730      0.9636   1.476
ECDH,B-571,570bits        750       0.1528   0.234
Prefer DH,512bits         3         0.0006   0.0011
Prefer DH,768bits         432       0.088    0.1607
Prefer DH,1024bits        95849     19.5265  35.6553
Prefer DH,2048bits        3048      0.6209   1.1338
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,3072bits        1         0.0002   0.0004
Prefer DH,4096bits        92        0.0187   0.0342
Prefer ECDH,B-163,163bits 7         0.0014   0.0022
Prefer ECDH,K-163,163bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 17        0.0035   0.0053
Prefer ECDH,P-256,256bits 259052    52.7745  80.8358
Prefer ECDH,P-384,384bits 2751      0.5604   0.8584
Prefer ECDH,P-521,521bits 4403      0.897    1.3739
Prefer ECDH,B-571,570bits 550       0.112    0.1716
Prefer PFS                366207    74.6043  0
Support PFS               421095    85.7861  0

Supported ECC curves      Count     Percent
-------------------------+---------+--------
brainpoolP256r1           106       0.0216
brainpoolP384r1           106       0.0216
brainpoolP512r1           106       0.0216
prime192v1                762       0.1552
prime256v1                319803    65.1508
prime256v1 Only           277852    56.6045
secp160k1                 729       0.1485
secp160r1                 730       0.1487
secp160r2                 728       0.1483
secp192k1                 751       0.153
secp224k1                 785       0.1599
secp224r1                 1393      0.2838
secp224r1 Only            1         0.0002
secp256k1                 799       0.1628
secp384r1                 42156     8.5881
secp384r1 Only            204       0.0416
secp521r1                 10564     2.1521
secp521r1 Only            85        0.0173
sect163k1                 734       0.1495
sect163k1 Only            1         0.0002
sect163r1                 733       0.1493
sect163r2                 740       0.1508
sect163r2 Only            7         0.0014
sect193r1                 732       0.1491
sect193r2                 732       0.1491
sect233k1                 780       0.1589
sect233r1                 780       0.1589
sect239k1                 779       0.1587
sect283k1                 779       0.1587
sect283r1                 778       0.1585
sect409k1                 777       0.1583
sect409r1                 777       0.1583
sect571k1                 791       0.1611
sect571r1                 791       0.1611

Unsupported curve fallback     Count     Percent
------------------------------+---------+--------
False                          79157     16.126
True                           201745    41.0998
order-specific                 13        0.0026
unknown                        209951    42.7716

ECC curve ordering        Count     Percent
-------------------------+---------+--------
client                    1847      0.3763
inconclusive-noecc        28        0.0057
server                    318249    64.8342
unknown                   170742    34.7838

TLSv1.2 PFS supported sigalgs  Count     Percent
------------------------------+---------+--------
ECDSA-SHA1                     27988     5.7018
ECDSA-SHA1 Only                1         0.0002
ECDSA-SHA224                   27987     5.7016
ECDSA-SHA256                   27989     5.702
ECDSA-SHA384                   27991     5.7024
ECDSA-SHA512                   27993     5.7028
ECDSA-SHA512 Only              2         0.0004
RSA-MD5                        136241    27.7552
RSA-SHA1                       288779    58.8305
RSA-SHA1 Only                  44445     9.0544
RSA-SHA224                     234597    47.7925
RSA-SHA256                     247885    50.4995
RSA-SHA256 Only                3147      0.6411
RSA-SHA384                     235034    47.8815
RSA-SHA512                     235096    47.8941
RSA-SHA512 Only                58        0.0118

TLSv1.2 PFS ordering           Count     Percent
------------------------------+---------+--------
client                         213446    43.4836
indeterminate                  11        0.0022
intolerant                     1648      0.3357
order-fallback                 40        0.0081
server                         105410    21.4743
unsupported                    36763     7.4894

TLSv1.2 PFS sigalg fallback    Count     Percent
------------------------------+---------+--------
ECDSA SHA1                     27982     5.7005
ECDSA intolerant               14        0.0029
ECDSA pfs-rsa-SHA512           1         0.0002
RSA False                      134610    27.423
RSA SHA1                       133281    27.1522
RSA intolerant                 23009     4.6874
RSA pfs-ecdsa-SHA512           2         0.0004
RSA soft-nopfs                 1784      0.3634

Renegotiation             Count     Percent
-------------------------+---------+--------
False                     9310      1.8966
insecure                  25318     5.1578
secure                    456238    92.9455

Compression               Count     Percent
-------------------------+---------+--------
1 (zlib compression)      14829     3.021
False                     9310      1.8966
NONE                      466727    95.0824

TLS session ticket hint   Count     Percent
-------------------------+---------+--------
1                         2         0.0004
1 only                    2         0.0004
2                         2         0.0004
2 only                    2         0.0004
5                         1         0.0002
5 only                    1         0.0002
10                        6         0.0012
10 only                   6         0.0012
15                        5         0.001
15 only                   5         0.001
30                        6         0.0012
30 only                   6         0.0012
60                        80        0.0163
60 only                   76        0.0155
65                        1         0.0002
65 only                   1         0.0002
70                        6         0.0012
75                        1         0.0002
75 only                   1         0.0002
100                       13        0.0026
100 only                  13        0.0026
120                       28        0.0057
120 only                  28        0.0057
128                       2         0.0004
128 only                  2         0.0004
180                       47        0.0096
180 only                  45        0.0092
240                       8         0.0016
240 only                  8         0.0016
256                       1         0.0002
256 only                  1         0.0002
300                       208001    42.3743
300 only                  200049    40.7543
360                       1         0.0002
400                       5         0.001
400 only                  5         0.001
420                       109       0.0222
420 only                  55        0.0112
480                       13        0.0026
480 only                  13        0.0026
500                       4         0.0008
500 only                  4         0.0008
600                       14341     2.9216
600 only                  14057     2.8637
660                       1         0.0002
660 only                  1         0.0002
720                       1         0.0002
720 only                  1         0.0002
900                       521       0.1061
900 only                  504       0.1027
960                       2         0.0004
960 only                  2         0.0004
1200                      322       0.0656
1200 only                 318       0.0648
1440                      1         0.0002
1440 only                 1         0.0002
1500                      12        0.0024
1500 only                 11        0.0022
1800                      349       0.0711
1800 only                 339       0.0691
2400                      7         0.0014
2400 only                 7         0.0014
2700                      7         0.0014
2700 only                 7         0.0014
3000                      12        0.0024
3000 only                 12        0.0024
3600                      397       0.0809
3600 only                 377       0.0768
4200                      1         0.0002
5400                      14        0.0029
5400 only                 2         0.0004
6000                      3         0.0006
6000 only                 3         0.0006
7200                      14219     2.8967
7200 only                 13909     2.8336
10800                     2158      0.4396
10800 only                2153      0.4386
14400                     1534      0.3125
14400 only                1529      0.3115
18000                     2         0.0004
18000 only                2         0.0004
21600                     5398      1.0997
21600 only                5398      1.0997
28800                     13        0.0026
28800 only                12        0.0024
36000                     1015      0.2068
36000 only                1008      0.2054
43200                     25        0.0051
43200 only                21        0.0043
60000                     1         0.0002
60000 only                1         0.0002
64800                     46186     9.4091
64800 only                46179     9.4077
72000                     6         0.0012
72000 only                6         0.0012
84600                     1         0.0002
84600 only                1         0.0002
86000                     29        0.0059
86000 only                29        0.0059
86400                     271       0.0552
86400 only                270       0.055
100800                    13929     2.8376
100800 only               13929     2.8376
129600                    10        0.002
129600 only               10        0.002
172800                    1         0.0002
172800 only               1         0.0002
216000                    1         0.0002
216000 only               1         0.0002
432000                    1         0.0002
432000 only               1         0.0002
604800                    1         0.0002
604800 only               1         0.0002
864000                    5         0.001
864000 only               5         0.001
None                      190434    38.7955
None only                 181732    37.0227

Certificate sig alg       Count     Percent
-------------------------+---------+--------
None                      15465     3.1506
ecdsa-with-SHA256         27974     5.6989
sha1WithRSAEncryption     236900    48.2616
sha256WithRSAEncryption   226070    46.0553
sha512WithRSAEncryption   10        0.002

Certificate key size      Count     Percent
-------------------------+---------+--------
ECDSA 256                 27993     5.7028
ECDSA 384                 6         0.0012
RSA 1024                  369       0.0752
RSA 2028                  1         0.0002
RSA 2047                  1         0.0002
RSA 2048                  445922    90.8439
RSA 2049                  3         0.0006
RSA 2056                  3         0.0006
RSA 2058                  3         0.0006
RSA 2064                  1         0.0002
RSA 2080                  2         0.0004
RSA 2084                  13        0.0026
RSA 2096                  1         0.0002
RSA 2345                  1         0.0002
RSA 2408                  2         0.0004
RSA 2432                  7         0.0014
RSA 2612                  2         0.0004
RSA 3024                  1         0.0002
RSA 3072                  88        0.0179
RSA 3102                  1         0.0002
RSA 3248                  3         0.0006
RSA 3600                  1         0.0002
RSA 4042                  1         0.0002
RSA 4048                  2         0.0004
RSA 4056                  23        0.0047
RSA 4069                  1         0.0002
RSA 4086                  2         0.0004
RSA 4092                  9         0.0018
RSA 4096                  16428     3.3467
RSA 4098                  1         0.0002
RSA 8192                  4         0.0008
RSA 10240                 7         0.0014
RSA/ECDSA Dual Stack      30        0.0061

OCSP stapling             Count     Percent
-------------------------+---------+--------
Supported                 84875     17.2909
Unsupported               405991    82.7091

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      32906     6.7037
SSL2 Only                 70        0.0143
SSL3                      154674    31.5104
SSL3 Only                 1232      0.251
SSL3 or TLS1 Only         99145     20.198
SSL3 or lower Only        1271      0.2589
TLS1                      488375    99.4925
TLS1 Only                 56239     11.4571
TLS1 or lower Only        129642    26.4109
TLS1.1                    346511    70.5918
TLS1.1 Only               7         0.0014
TLS1.1 or up Only         883       0.1799
TLS1.2                    357304    72.7905
TLS1.2 Only               578       0.1178
TLS1.2, 1.0 but not 1.1   12762     2.5999

Statistics from 520507 chains provided by 672015 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  460603    68.5406
incomplete                28832     4.2904
untrusted                 182580    27.169

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1205      0.2315
3                         443210    85.1497
4                         76056     14.6119
5                         36        0.0069

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 27857
ECDSA 384                 27857
RSA 1024                  1171
RSA 2045                  1
RSA 2048                  973503
RSA 4096                  85548

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 27857     5.3519
ECDSA 384                 27857     5.3519
RSA 1024                  1167      0.2242
RSA 2045                  1         0.0002
RSA 2048                  491325    94.3935
RSA 4096                  84807     16.2932

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              27857
sha1WithRSAEncryption          262841
sha256WithRSAEncryption        159502
sha384WithRSAEncryption        145194
sha512WithRSAEncryption        36

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        262927    50.5136
112                       229721    44.1341
128                       27859     5.3523

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA                 115769    22.2416
(157753a5) AddTrust External CA Root          107315    20.6174
(5ad8a5d6) GlobalSign Root CA                 53007     10.1837
(cbf06781) Go Daddy Root Certificate Authorit 45510     8.7434
(b204d74a) VeriSign Class 3 Public Primary Ce 29396     5.6476
(eed8c118) COMODO ECC Certification Authority 27851     5.3507
(2e4eed3c) thawte Primary Root CA             26160     5.0259
(244b5494) DigiCert High Assurance EV Root CA 25614     4.921
(653b494a) Baltimore CyberTrust Root          11786     2.2643
(f081611a) The Go Daddy Group, Inc.           10796     2.0741
(b13cc6df) UTN-USERFirst-Hardware             9685      1.8607
(ae8153b9) StartCom Certification Authority   9557      1.8361
(f387163d) Starfield Technologies, Inc.       7849      1.508
(40547a79) COMODO Certification Authority     6860      1.3179
(3513523f) DigiCert Global Root CA            6032      1.1589
(480720ec) GeoTrust Primary Certification Aut 5231      1.005

Scan performed between 16th and 27th of March 2015.

-- 
Regards,
Hubert Kario

-- 
security mailing list
security@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/security
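The "Eff. host cert chain LoS" table above buckets trusted chains into 80, 112 and 128 security bits, and the counts line up closely with the SHA-1-signed chains (80), the RSA-2048/SHA-256 chains (112) and the ECDSA chains (128). The post does not say how the scanner derives that number, so the following is an added example, not Hubert Kario's scanner code, of how such a level of security can be computed from key sizes and signature hashes. It assumes the comparable-strength table of NIST SP 800-57 Part 1 (RSA 1024/2048/3072 = 80/112/128 bits, ECC roughly half the curve size, SHA-1/SHA-256 = 80/128 bits of collision resistance), that sizes between table rows round down, and that the chain's level is the weakest key or signature hash in it with the root's self-signature excluded; the `Cert` type, function names and the sample chains are all constructed for the example.

```python
"""Effective level of security (LoS) of an X.509 chain.

Added example: the strength table and the "weakest link, root self-signature
excluded" rule are assumptions modelled on NIST SP 800-57 Part 1, not the
scanner's own logic.
"""
from collections import Counter
from typing import Dict, List, NamedTuple, Optional


class Cert(NamedTuple):
    key_type: str             # "RSA", "DSA", "DH", "EC" or "ECDSA"
    key_bits: int             # RSA modulus size or curve order size in bits
    sig_hash: Optional[str]   # hash of the signature ON this cert; None for a root


# SP 800-57 comparable strengths for integer-factoring / finite-field keys.
# Sizes between rows round down (so RSA 4096 is still the 3072 row: 128 bits).
_IFC_FFC_LEVELS = [(15360, 256), (7680, 192), (3072, 128), (2048, 112), (1024, 80)]

# Collision resistance of the signature hash (nominal values; SHA-1 and MD5
# are both weaker than this in practice and are only kept for bucketing).
_HASH_LEVELS = {"md5": 64, "sha1": 80, "sha224": 112, "sha256": 128,
                "sha384": 192, "sha512": 256}


def key_strength(key_type: str, bits: int) -> int:
    """Security bits of a public key, per the assumed SP 800-57 table."""
    kind = key_type.upper()
    if kind in ("RSA", "DSA", "DH"):
        for threshold, level in _IFC_FFC_LEVELS:
            if bits >= threshold:
                return level
        return 0                      # below 1024 bits: no meaningful security
    if kind in ("EC", "ECDSA", "ECDH"):
        return min(bits // 2, 256)    # P-256 -> 128, P-384 -> 192, P-521 -> 256
    raise ValueError(f"unknown key type {key_type!r}")


def hash_strength(name: str) -> int:
    """Security bits of a signature hash; accepts 'SHA-256', 'sha256', etc."""
    key = name.lower().replace("-", "").replace("_", "")
    if key not in _HASH_LEVELS:
        raise ValueError(f"unknown hash {name!r}")
    return _HASH_LEVELS[key]


def chain_security_level(chain: List[Cert]) -> int:
    """Weakest link of a chain ordered host cert first, root last.

    Every key contributes (the root key verifies the last intermediate's
    signature, so it counts), and every signature contributes except the
    root's self-signature, which a verifier never relies on.
    """
    if not chain:
        raise ValueError("empty chain")
    levels = []
    for index, cert in enumerate(chain):
        levels.append(key_strength(cert.key_type, cert.key_bits))
        if index != len(chain) - 1:   # not the root: its signature matters
            if cert.sig_hash is None:
                raise ValueError(f"cert {index} has no signature hash")
            levels.append(hash_strength(cert.sig_hash))
    return min(levels)


def los_histogram(chains: List[List[Cert]]) -> Dict[int, int]:
    """Count chains per effective level, like the 'Eff. host cert chain LoS' table."""
    return dict(Counter(chain_security_level(c) for c in chains))


# Constructed sample chains (not from the scan data).
SAMPLE_CHAINS: Dict[str, List[Cert]] = {
    # SHA-1 on the host cert drags an otherwise RSA-2048/SHA-256 chain to 80.
    "sha1-leaf": [Cert("RSA", 2048, "sha1"), Cert("RSA", 2048, "sha256"),
                  Cert("RSA", 2048, None)],
    # RSA 2048 keys cap the chain at 112 even under a 4096-bit root.
    "rsa2048-sha256": [Cert("RSA", 2048, "sha256"), Cert("RSA", 2048, "sha256"),
                       Cert("RSA", 4096, None)],
    # P-256 host key, P-384 issuers: 128 bits, the best bucket in the table.
    "ecdsa-p256": [Cert("ECDSA", 256, "SHA-256"), Cert("ECDSA", 384, "sha384"),
                   Cert("ECDSA", 384, None)],
    # A 1024-bit host key is 80 bits regardless of the rest of the chain.
    "rsa1024-leaf": [Cert("RSA", 1024, "sha256"), Cert("RSA", 2048, "sha256"),
                     Cert("RSA", 2048, None)],
}

if __name__ == "__main__":
    for name, chain in SAMPLE_CHAINS.items():
        print(f"{name:16} {chain_security_level(chain)} bits")
    print(los_histogram(list(SAMPLE_CHAINS.values())))
```

Note what the rounding rule implies: a 4096-bit RSA root gives no bucket gain over 3072 bits, and a chain with a single SHA-1 signature below the root lands in the 80-bit bucket whatever its key sizes, which is why moving certificates off SHA-1 (the trend this month's numbers show) is what shifts hosts from 80 to 112.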