Not much has changed since the last scan, just a continuation of established trends.

As always, detailed analysis on my blog:
https://securitypitfalls.wordpress.com/2015/05/23/april-2015-scan-results/

SSL/TLS survey of 484573 websites from Alexa's top 1 million

Stats only from connections that provided valid certificates (or anonymous DH from servers that also have a valid certificate installed)

Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      406786    83.9473
3DES Only                 794       0.1639
AES                       472659    97.5413
AES Only                  10959     2.2616
AES-CBC                   472558    97.5205
AES-CBC Only              4829      0.9965
AES-GCM                   303174    62.5652
AES-GCM Only              29        0.006
CAMELLIA                  209131    43.1578
CAMELLIA Only             1         0.0002
CHACHA20                  58829     12.1404
CHACHA20 Only             37        0.0076
Insecure                  77058     15.9022
RC4                       292575    60.3779
RC4 Only                  2401      0.4955
RC4 Preferred             45677     9.4262
RC4 forced in TLS1.1+     27055     5.5833
x:FF 29 RC4 Only          2759      0.5694
x:FF 29 RC4 Preferred     50228     10.3654
x:FF 29 incompatible      166       0.0343
x:FF 35 RC4 Only          3002      0.6195
x:FF 35 RC4 Preferred     50330     10.3865
x:FF 35 incompatible      169       0.0349
y:DHE-RSA-SEED-SHA        106435    21.9647
y:IDEA-CBC-SHA            86288     17.807
y:SEED-SHA                104010    21.4643
z:ADH-AES128-GCM-SHA256   403       0.0832
z:ADH-AES128-SHA          1245      0.2569
z:ADH-AES128-SHA256       285       0.0588
z:ADH-AES256-GCM-SHA384   411       0.0848
z:ADH-AES256-SHA          1251      0.2582
z:ADH-AES256-SHA256       288       0.0594
z:ADH-CAMELLIA128-SHA     757       0.1562
z:ADH-CAMELLIA256-SHA     767       0.1583
z:ADH-DES-CBC-SHA         370       0.0764
z:ADH-DES-CBC3-SHA        1264      0.2608
z:ADH-RC4-MD5             1068      0.2204
z:ADH-SEED-SHA            624       0.1288
z:AECDH-AES128-SHA        14597     3.0123
z:AECDH-AES256-SHA        14601     3.0132
z:AECDH-DES-CBC3-SHA      14555     3.0037
z:AECDH-NULL-SHA          33        0.0068
z:AECDH-RC4-SHA           13915     2.8716
z:DES-CBC-MD5             15676     3.235
z:DES-CBC-SHA             43379     8.952
z:DES-CBC3-MD5            29965     6.1838
z:ECDHE-RSA-NULL-SHA      39        0.008
z:EDH-RSA-DES-CBC-SHA     36816     7.5976
z:EXP-ADH-DES-CBC-SHA     296       0.0611
z:EXP-ADH-RC4-MD5         298       0.0615
z:EXP-DES-CBC-SHA         23304     4.8092
z:EXP-EDH-RSA-DES-CBC-SHA 18924     3.9053
z:EXP-RC2-CBC-MD5         27382     5.6507
z:EXP-RC4-MD5             29880     6.1663
z:EXP1024-DES-CBC-SHA     7448      1.537
z:EXP1024-RC4-SHA         7538      1.5556
z:IDEA-CBC-MD5            2648      0.5465
z:NULL-MD5                269       0.0555
z:NULL-SHA                277       0.0572
z:NULL-SHA256             17        0.0035
z:RC2-CBC-MD5             16012     3.3044
z:RC4-64-MD5              1266      0.2613

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               137690    28.4147
Server side               346883    71.5853

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1408      0.2906
AECDH                     14635     3.0202
DHE                       270437    55.8093
ECDHE                     323781    66.8178
ECDHE and DHE             176359    36.3947
RSA                       446206    92.0823

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               223209    46.063   82.5364
DH,1536bits               1         0.0002   0.0004
DH,2048bits               43655     9.009    16.1424
DH,2236bits               3         0.0006   0.0011
DH,2430bits               1         0.0002   0.0004
DH,3072bits               21        0.0043   0.0078
DH,4096bits               2722      0.5617   1.0065
DH,512bits                78        0.0161   0.0288
DH,768bits                777       0.1603   0.2873
DH,8192bits               1         0.0002   0.0004
ECDH,B-163,163bits        5         0.001    0.0015
ECDH,B-571,570bits        986       0.2035   0.3045
ECDH,K-163,163bits        1         0.0002   0.0003
ECDH,K-571,570bits        1         0.0002   0.0003
ECDH,P-224,224bits        41        0.0085   0.0127
ECDH,P-256,256bits        316799    65.3769  97.8436
ECDH,P-384,384bits        3387      0.699    1.0461
ECDH,P-521,521bits        4921      1.0155   1.5199
Prefer DH,1024bits        90273     18.6294  33.3804
Prefer DH,2048bits        2959      0.6106   1.0942
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,4096bits        100       0.0206   0.037
Prefer DH,512bits         3         0.0006   0.0011
Prefer DH,768bits         394       0.0813   0.1457
Prefer ECDH,B-163,163bits 5         0.001    0.0015
Prefer ECDH,B-571,570bits 777       0.1603   0.24
Prefer ECDH,K-163,163bits 1         0.0002   0.0003
Prefer ECDH,K-571,570bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 16        0.0033   0.0049
Prefer ECDH,P-256,256bits 262300    54.1301  81.0115
Prefer ECDH,P-384,384bits 2417      0.4988   0.7465
Prefer ECDH,P-521,521bits 4606      0.9505   1.4226
Prefer PFS                363853    75.0873  0
Support PFS               417859    86.2324  0

Supported ECC curves      Count     Percent
-------------------------+---------+--------
brainpoolP256r1           275       0.0568
brainpoolP384r1           275       0.0568
brainpoolP512r1           276       0.057
prime192v1                1006      0.2076
prime256v1                322585    66.571
prime256v1 Only           280643    57.9155
secp160k1                 973       0.2008
secp160r1                 977       0.2016
secp160r2                 973       0.2008
secp192k1                 994       0.2051
secp224k1                 1021      0.2107
secp224r1                 1909      0.394
secp224r1 Only            1         0.0002
secp256k1                 1031      0.2128
secp384r1                 42157     8.6998
secp384r1 Only            214       0.0442
secp521r1                 11163     2.3037
secp521r1 Only            85        0.0175
sect163k1                 974       0.201
sect163k1 Only            1         0.0002
sect163r1                 973       0.2008
sect163r2                 978       0.2018
sect163r2 Only            5         0.001
sect193r1                 973       0.2008
sect193r2                 972       0.2006
sect233k1                 1012      0.2088
sect233r1                 1012      0.2088
sect239k1                 1011      0.2086
sect283k1                 1011      0.2086
sect283r1                 1011      0.2086
sect409k1                 1012      0.2088
sect409r1                 1011      0.2086
sect571k1                 1023      0.2111
sect571r1                 1023      0.2111

Unsupported curve fallback     Count     Percent
------------------------------+---------+--------
False                          79371     16.3796
True                           201893    41.6641
order-specific                 25        0.0052
unknown                        203284    41.9512

ECC curve ordering        Count     Percent
-------------------------+---------+--------
client                    1937      0.3997
inconclusive-noecc        23        0.0047
server                    320951    66.2338
unknown                   161662    33.3617

TLSv1.2 PFS supported sigalgs  Count     Percent
------------------------------+---------+--------
ECDSA-SHA1                     29961     6.183
ECDSA-SHA224                   29962     6.1832
ECDSA-SHA256                   29968     6.1844
ECDSA-SHA384                   29969     6.1846
ECDSA-SHA512                   29973     6.1854
ECDSA-SHA512 Only              4         0.0008
RSA-MD5                        138363    28.5536
RSA-SHA1                       288373    59.5107
RSA-SHA1 Only                  44023     9.0849
RSA-SHA224                     233398    48.1657
RSA-SHA256                     248405    51.2627
RSA-SHA256 Only                3440      0.7099
RSA-SHA384                     234083    48.3071
RSA-SHA512                     234329    48.3578
RSA-SHA512 Only                236       0.0487

TLSv1.2 PFS ordering           Count     Percent
------------------------------+---------+--------
client                         213825    44.1265
indeterminate                  7         0.0014
intolerant                     2102      0.4338
order-fallback                 14        0.0029
server                         106987    22.0786
unsupported                    37608     7.7611

TLSv1.2 PFS sigalg fallback    Count     Percent
------------------------------+---------+--------
ECDSA SHA1                     29954     6.1815
ECDSA intolerant               26        0.0054
ECDSA pfs-rsa-SHA512           2         0.0004
RSA False                      136825    28.2362
RSA SHA1                       130262    26.8818
RSA intolerant                 24807     5.1194
RSA pfs-ecdsa-SHA512           1         0.0002
RSA soft-nopfs                 1684      0.3475

Renegotiation             Count     Percent
-------------------------+---------+--------
False                     8680      1.7913
insecure                  23543     4.8585
secure                    452350    93.3502

Compression               Count     Percent
-------------------------+---------+--------
1 (zlib compression)      13301     2.7449
False                     8680      1.7913
NONE                      462592    95.4638

TLS session ticket hint   Count     Percent
-------------------------+---------+--------
1                         2         0.0004
1 only                    2         0.0004
2                         2         0.0004
2 only                    2         0.0004
5                         2         0.0004
5 only                    2         0.0004
10                        6         0.0012
10 only                   6         0.0012
15                        10        0.0021
15 only                   10        0.0021
30                        8         0.0017
30 only                   8         0.0017
60                        95        0.0196
60 only                   90        0.0186
65                        1         0.0002
65 only                   1         0.0002
70                        6         0.0012
100                       13        0.0027
100 only                  13        0.0027
120                       31        0.0064
120 only                  31        0.0064
128                       2         0.0004
128 only                  2         0.0004
150                       2         0.0004
180                       46        0.0095
180 only                  43        0.0089
240                       11        0.0023
240 only                  11        0.0023
300                       211464    43.6392
300 only                  204443    42.1903
360                       1         0.0002
400                       7         0.0014
400 only                  7         0.0014
420                       117       0.0241
420 only                  65        0.0134
480                       13        0.0027
480 only                  12        0.0025
500                       3         0.0006
500 only                  3         0.0006
600                       14992     3.0939
600 only                  14817     3.0577
660                       1         0.0002
660 only                  1         0.0002
720                       1         0.0002
720 only                  1         0.0002
900                       527       0.1088
900 only                  499       0.103
960                       2         0.0004
960 only                  2         0.0004
1200                      574       0.1185
1200 only                 562       0.116
1440                      1         0.0002
1440 only                 1         0.0002
1500                      13        0.0027
1500 only                 12        0.0025
1800                      368       0.0759
1800 only                 362       0.0747
2400                      6         0.0012
2400 only                 6         0.0012
2700                      9         0.0019
2700 only                 9         0.0019
3000                      12        0.0025
3000 only                 12        0.0025
3600                      371       0.0766
3600 only                 355       0.0733
3900                      1         0.0002
3900 only                 1         0.0002
4200                      1         0.0002
5400                      14        0.0029
5400 only                 2         0.0004
6000                      5         0.001
6000 only                 5         0.001
7200                      14319     2.955
7200 only                 13804     2.8487
10800                     1786      0.3686
10800 only                1780      0.3673
14400                     1343      0.2772
14400 only                1335      0.2755
18000                     11        0.0023
18000 only                11        0.0023
21600                     4962      1.024
21600 only                4955      1.0225
28800                     10        0.0021
28800 only                9         0.0019
36000                     980       0.2022
36000 only                972       0.2006
43200                     27        0.0056
43200 only                23        0.0047
60000                     1         0.0002
60000 only                1         0.0002
64800                     46419     9.5794
64800 only                46415     9.5785
72000                     7         0.0014
72000 only                7         0.0014
84600                     1         0.0002
84600 only                1         0.0002
86000                     34        0.007
86000 only                34        0.007
86400                     363       0.0749
86400 only                363       0.0749
100800                    12150     2.5074
100800 only               12149     2.5072
129600                    9         0.0019
129600 only               9         0.0019
172800                    2         0.0004
172800 only               2         0.0004
216000                    1         0.0002
216000 only               1         0.0002
432000                    1         0.0002
432000 only               1         0.0002
600000                    1         0.0002
600000 only               1         0.0002
604800                    1         0.0002
604800 only               1         0.0002
864000                    3         0.0006
864000 only               3         0.0006
None                      181287    37.4117
None only                 173413    35.7868

Certificate sig alg       Count     Percent
-------------------------+---------+--------
None                      15526     3.2041
ecdsa-with-SHA256         29954     6.1815
sha1WithRSAEncryption     207522    42.8257
sha256WithRSAEncryption   247164    51.0066
sha384WithRSAEncryption   1         0.0002
sha512WithRSAEncryption   11        0.0023

Certificate key size      Count     Percent
-------------------------+---------+--------
ECDSA 256                 29979     6.1867
ECDSA 384                 5         0.001
RSA 1024                  222       0.0458
RSA 10240                 3         0.0006
RSA 2028                  1         0.0002
RSA 2047                  1         0.0002
RSA 2048                  437533    90.2925
RSA 2049                  3         0.0006
RSA 2056                  3         0.0006
RSA 2058                  2         0.0004
RSA 2064                  2         0.0004
RSA 2080                  2         0.0004
RSA 2084                  8         0.0017
RSA 2096                  1         0.0002
RSA 2408                  3         0.0006
RSA 2432                  5         0.001
RSA 2612                  2         0.0004
RSA 3024                  1         0.0002
RSA 3050                  1         0.0002
RSA 3071                  1         0.0002
RSA 3072                  93        0.0192
RSA 3096                  1         0.0002
RSA 3102                  1         0.0002
RSA 3248                  1         0.0002
RSA 3600                  1         0.0002
RSA 4042                  1         0.0002
RSA 4048                  2         0.0004
RSA 4056                  30        0.0062
RSA 4069                  1         0.0002
RSA 4086                  4         0.0008
RSA 4092                  10        0.0021
RSA 4096                  16685     3.4432
RSA 8192                  6         0.0012
RSA/ECDSA Dual Stack      35        0.0072

OCSP stapling             Count     Percent
-------------------------+---------+--------
Supported                 85670     17.6795
Unsupported               398903    82.3205

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      30248     6.2422
SSL2 Only                 63        0.013
SSL3                      145442    30.0145
SSL3 Only                 993       0.2049
SSL3 or TLS1 Only         92308     19.0493
SSL3 or lower Only        1029      0.2124
TLS1                      482080    99.4855
TLS1 Only                 53168     10.9721
TLS1 or lower Only        120432    24.8532
TLS1.1                    349742    72.1753
TLS1.1 Only               29        0.006
TLS1.1 or up Only         1151      0.2375
TLS1.2                    360532    74.402
TLS1.2 Only               703       0.1451
TLS1.2, 1.0 but not 1.1   12562     2.5924

Statistics from 501419 chains provided by 668131 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  444722    66.5621
incomplete                28787     4.3086
untrusted                 194622    29.1293

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         466       0.0929
3                         419080    83.5788
4                         81838     16.3213
5                         35        0.007

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 29837
ECDSA 384                 29837
RSA 1024                  447
RSA 2045                  1
RSA 2048                  932773
RSA 4096                  91385

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 29837     5.9505
ECDSA 384                 29837     5.9505
RSA 1024                  443       0.0883
RSA 2045                  1         0.0002
RSA 2048                  470954    93.9242
RSA 4096                  90510     18.0508

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              29837
sha1WithRSAEncryption          222155
sha256WithRSAEncryption        174421
sha384WithRSAEncryption        156409
sha512WithRSAEncryption        39

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        222398    44.3537
112                       249181    49.6952
128                       29840     5.9511

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA                 108475    21.6336
(157753a5) AddTrust External CA Root          107019    21.3432
(5ad8a5d6) GlobalSign Root CA                 50472     10.0658
(cbf06781) Go Daddy Root Certificate Authorit 44010     8.7771
(eed8c118) COMODO ECC Certification Authority 29832     5.9495
(b204d74a) VeriSign Class 3 Public Primary Ce 27936     5.5714
(2e4eed3c) thawte Primary Root CA             25416     5.0688
(244b5494) DigiCert High Assurance EV Root CA 24612     4.9085
(653b494a) Baltimore CyberTrust Root          11515     2.2965
(ae8153b9) StartCom Certification Authority   9470      1.8886
(f081611a) The Go Daddy Group, Inc.           8925      1.7799
(b13cc6df) UTN-USERFirst-Hardware             8766      1.7482
(f387163d) Starfield Technologies, Inc.       6944      1.3849
(3513523f) DigiCert Global Root CA            6188      1.2341
(480720ec) GeoTrust Primary Certification Aut 5346      1.0662
(40547a79) COMODO Certification Authority     5333      1.0636

Scan performed between 17th and 29th of April 2015

-- 
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
--
security mailing list
security@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/security