July 2015 scan results

The number of servers with trusted certificates is rising again, but it's not yet back at the May level. Otherwise this is mostly a continuation of established trends. One significant change is that I've used the most recent Mozilla trust list, with a few 1024 bit root CAs removed, which causes the average length of the certificate chain to drop significantly.

Cipher suites

A bit surprisingly, 3DES use has grown by 1%, most likely because servers that are deprecating RC4 (RC4 is down by nearly 3%) still worry about compatibility with Windows XP.

Support for AES remains strong; CBC mode doesn't have much room left to grow and continues to hover at around 98%. GCM mode has grown by just under 3%.

RC4 market share is now just over the 50% mark, after a nearly 3% drop since last month. The count of servers that support only this cipher has also gone down, with just 1484 servers in the Alexa top 1 million supporting nothing else. Unfortunately the number of servers which prefer RC4, and which use it even in TLS 1.1 or later, is largely unchanged, falling by just 0.4% and 0.2% respectively.

Completely insecure ciphers are also essentially unchanged, with a decrease of just 0.5%.

Nearly 7% of servers still support the export grade ciphersuites targeted by the Logjam attack, a decrease of less than 0.2%.

Key exchange

ECDHE support is still growing, this month increasing by over 2.2% and reaching nearly 75%. As usual, the change is due to increased support for NIST P-256 curve, both in general as well as for preferred ciphersuites.

DHE support remains unchanged.

Nearly 80% of servers now prefer PFS key exchange and just over 90% support it.

This is also the first month in which no servers prefer key exchange with 512 bit DHE! (Last month there were just two, so it's not a big change...)
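As an added example (my code, not part of the original post or of the scanner that produced these tables), the following Python parses the ServerDHParams structure a DHE server sends in its ServerKeyExchange message (RFC 5246, section 7.4.3) and classifies the modulus size along the lines of the "Supported PFS" table: this is the check a scanner has to make to count 512 bit export groups (what Logjam breaks) and 768/1024 bit legacy groups. The thresholds in classify_dh_modulus() are my own choice for the example; the sample messages are constructed, with moduli of the right length that are not real primes.

```python
import struct

# Thresholds used to classify the DH modulus; chosen for this example to match
# the groups the survey reports (512 bit export groups, 768/1024 bit legacy ones).
def classify_dh_modulus(p_bits: int) -> str:
    """Map the bit length of the DH prime p to a rough risk class."""
    if p_bits <= 512:
        return "export-grade"   # the groups Logjam breaks in practice
    if p_bits < 1024:
        return "weak"
    if p_bits < 2048:
        return "legacy"
    return "acceptable"


def parse_server_dh_params(body: bytes) -> dict:
    """Parse ServerDHParams (RFC 5246 section 7.4.3) from the start of a
    DHE ServerKeyExchange body: three opaque<1..2^16-1> fields dh_p, dh_g, dh_Ys,
    each with a 16-bit big-endian length. Whatever follows (the signature over
    the parameters in DHE_RSA/DHE_DSS) is returned untouched as 'trailer'."""
    offset = 0
    fields = {}
    for name in ("p", "g", "Ys"):
        if offset + 2 > len(body):
            raise ValueError(f"truncated length prefix for dh_{name}")
        (length,) = struct.unpack("!H", body[offset:offset + 2])
        offset += 2
        if length == 0 or offset + length > len(body):
            raise ValueError(f"bad length {length} for dh_{name}")
        fields[name] = int.from_bytes(body[offset:offset + length], "big")
        offset += length
    return {
        "p": fields["p"],
        "g": fields["g"],
        "Ys": fields["Ys"],
        "p_bits": fields["p"].bit_length(),
        "trailer": body[offset:],
    }


def build_server_dh_params(p: int, g: int, ys: int) -> bytes:
    """Encode ServerDHParams; used here only to construct sample messages."""
    out = b""
    for value in (p, g, ys):
        raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
        out += struct.pack("!H", len(raw)) + raw
    return out


def assess_server_key_exchange(body: bytes) -> str:
    """Risk class of the DH group a server sent, or 'malformed' if the
    message does not parse (a scanner must not crash on a broken server)."""
    try:
        return classify_dh_modulus(parse_server_dh_params(body)["p_bits"])
    except ValueError:
        return "malformed"


# Constructed samples: the moduli are NOT primes, just numbers of the right size,
# which is all the length handling and the classification need.
EXPORT_SAMPLE = build_server_dh_params((1 << 511) | 0x1234, 2, (1 << 510) | 7)
MODERN_SAMPLE = build_server_dh_params((1 << 2047) | 0xABCD, 2, (1 << 2046) | 9)

if __name__ == "__main__":
    for label, msg in (("export", EXPORT_SAMPLE), ("modern", MODERN_SAMPLE)):
        info = parse_server_dh_params(msg)
        print(f"{label}: p is {info['p_bits']} bits -> {classify_dh_modulus(info['p_bits'])}")
    print("truncated:", assess_server_key_exchange(EXPORT_SAMPLE[:-5]))
```

Note that the bit length is taken from the integer value of dh_p, not from the length field: a server that pads the modulus with leading zero bytes would otherwise be credited with a larger group than it actually uses.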

Hash and signature algorithms

No landslides here either. Support for both RSA-MD5 and RSA-SHA1 keeps growing (by just under 1% and 2% respectively), while support for the more secure RSA-SHA256 is growing more slowly, with just a 1.3% increase.

Vulnerabilities

Servers missing the secure renegotiation indication, as well as those vulnerable to CRIME (TLS compression enabled), are falling rather slowly, with nearly insignificant decreases.

Certificates

Certificates signed with SHA-256 are clearly gaining, with a 3% increase since last month. SHA-1 is also falling nicely and is now at around the 30% mark.

Still, most of those newly deployed certificates use 2048 bit RSA keys, as the share of those has decreased by just 0.3%.

Next month will most likely also be the first time that fewer than 100 servers use 1024 bit RSA certificates.

As I've updated the Mozilla trust store, the average length of the trust chain has decreased, with over 99% of servers using just one intermediate certificate. At the same time, the number of CAs above the 1% mark has grown by 4.
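The "Eff. host cert chain LoS" table below gives each chain a level of security in bits, but the page does not spell out how that number is derived. The following is an added example (my code, not the survey's) that computes it the way I would: the minimum over the key strength of every certificate in the chain and the hash strength of every signature except the root's self-signature, using the NIST SP 800-57 equivalences (RSA 1024/2048/3072 -> 80/112/128 bits, P-256/P-384 -> 128/192, SHA-1/SHA-256/SHA-384 -> 80/128/192). That the survey counts the root key, ignores the root's own signature and rounds in-between sizes such as RSA 4096 down to the weaker row are my assumptions; the sample chains are constructed, not taken from the scan.

```python
import re
from collections import Counter

# Security-strength equivalences in bits, after NIST SP 800-57 Part 1 (Table 2).
# A size that falls between two rows rounds down to the weaker row (assumption).
RSA_STRENGTH = [(15360, 256), (7680, 192), (3072, 128), (2048, 112), (1024, 80)]
HASH_STRENGTH = {"md5": 64, "sha1": 80, "sha224": 112, "sha256": 128,
                 "sha384": 192, "sha512": 256}
HASH_RE = re.compile(r"(md5|sha1|sha224|sha256|sha384|sha512)", re.IGNORECASE)


def key_strength(alg: str, bits: int) -> int:
    """Strength of a public key, by algorithm and modulus/curve size."""
    if alg.upper() == "RSA":
        for size, strength in RSA_STRENGTH:
            if bits >= size:
                return strength
        return 0          # below 1024 bits: no meaningful security
    if alg.upper() == "ECDSA":
        return bits // 2  # generic attacks on ECC cost ~2^(n/2): P-256 -> 128
    raise ValueError(f"unknown key algorithm: {alg}")


def signature_strength(sig_alg: str) -> int:
    """Strength contributed by the hash inside a signature algorithm name as
    the scan prints it (sha1WithRSAEncryption, ecdsa-with-SHA384, ...)."""
    m = HASH_RE.search(sig_alg)
    if not m:
        raise ValueError(f"no hash in signature algorithm: {sig_alg}")
    return HASH_STRENGTH[m.group(1).lower()]


def chain_level_of_security(chain):
    """chain: list of (key_alg, key_bits, sig_alg) tuples, leaf first, root last.
    Returns (level_in_bits, weakest_element). Every key counts, including the
    root's; the root's own self-signature does not, since nothing relies on it."""
    if not chain:
        raise ValueError("empty chain")
    weakest = (float("inf"), None)
    for index, (key_alg, key_bits, sig_alg) in enumerate(chain):
        candidates = [(key_strength(key_alg, key_bits),
                       f"cert {index} key {key_alg} {key_bits}")]
        if index != len(chain) - 1:
            candidates.append((signature_strength(sig_alg),
                               f"cert {index} signature {sig_alg}"))
        for strength, what in candidates:
            if strength < weakest[0]:
                weakest = (strength, what)
    return weakest


def los_histogram(chains):
    """Count chains by effective level of security, as the scan's table does."""
    return Counter(chain_level_of_security(c)[0] for c in chains)


# Constructed sample chains, not taken from the scan data.
SAMPLE_CHAINS = [
    [("RSA", 2048, "sha256WithRSAEncryption"),   # leaf
     ("RSA", 2048, "sha1WithRSAEncryption"),     # intermediate still signed with SHA-1
     ("RSA", 2048, "sha1WithRSAEncryption")],    # root (its signature is ignored)
    [("RSA", 2048, "sha256WithRSAEncryption"),
     ("RSA", 2048, "sha256WithRSAEncryption"),
     ("RSA", 2048, "sha1WithRSAEncryption")],
    [("RSA", 4096, "sha256WithRSAEncryption"),   # big leaf key ...
     ("RSA", 2048, "sha384WithRSAEncryption"),   # ... capped by a 2048 bit CA key
     ("RSA", 4096, "sha1WithRSAEncryption")],
    [("ECDSA", 256, "ecdsa-with-SHA256"),
     ("ECDSA", 256, "ecdsa-with-SHA384"),
     ("ECDSA", 384, "ecdsa-with-SHA384")],
]

if __name__ == "__main__":
    for chain in SAMPLE_CHAINS:
        level, why = chain_level_of_security(chain)
        print(f"{level:>3} bits, limited by {why}")
    print(dict(los_histogram(SAMPLE_CHAINS)))
```

The first and third sample chains show the two ways a 2048 bit leaf ends up below 112 bits in the table: a SHA-1 signature somewhere above it, or a CA key that is weaker than the leaf key. The function reports which element set the bound, which is the detail an operator needs in order to know whether the fix is a new certificate or a different CA.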

Protocols

SSLv3 and SSLv2 continue their slow deprecation walk, with decreases of just 1% and 0.2% respectively. Thankfully, the vast majority of servers that support them also support at least TLSv1.0, with just 735 servers supporting SSLv3 or lower only (a decrease of 0.04% since last month).

TLS 1.2 market penetration is also reaching new heights, with 78% of servers supporting this protocol, but its adoption is rather slow, with an increase of just 1.1%.
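Taking the cipher suite findings above (RC4, 3DES, export and NULL suites, RC4 preferred even in TLS 1.1+) together with the protocol findings, the following is an added example (my code, not from the original post) of a server-side configuration in Python's ssl module that would put a server on the right side of every one of these tables: TLS 1.2 as the floor, no TLS compression (CRIME), server-chosen cipher order so RC4 cannot be preferred in any version, and a cipher string that leaves only forward-secret AEAD suites. audit_ciphers() reports any enabled suite the survey would still count as weak; the WEAK_TOKENS list and the cipher string are my own choices and assume an OpenSSL build that has ECDHE AES-GCM suites.

```python
import ssl

# Name fragments of the suites the survey counts as weak or obsolete.
WEAK_TOKENS = ("RC4", "DES", "EXP", "NULL", "MD5", "ADH", "AECDH", "RC2", "IDEA", "SEED")

# OpenSSL cipher string: ECDHE first (preferred), then DHE, AEAD only, and
# explicit exclusions so that a future OpenSSL default cannot re-enable them.
# "!aNULL" matters: in OpenSSL the DHE/ECDHE keywords also match anonymous DH.
HARDENED_CIPHERS = (
    "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:DHE+CHACHA20:"
    "!aNULL:!eNULL:!EXPORT:!DES:!3DES:!RC4:!MD5:!PSK:!SRP"
)


def make_hardened_server_context() -> ssl.SSLContext:
    """Server-side context: TLS 1.2 as the floor (no SSLv2/SSLv3/TLS 1.0/1.1),
    server-chosen cipher order, no TLS compression (CRIME), no client-initiated
    renegotiation where the OpenSSL build supports refusing it, and the cipher
    list above."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.options |= ssl.OP_NO_COMPRESSION
    ctx.options |= ssl.OP_CIPHER_SERVER_PREFERENCE
    if hasattr(ssl, "OP_NO_RENEGOTIATION"):
        ctx.options |= ssl.OP_NO_RENEGOTIATION
    ctx.set_ciphers(HARDENED_CIPHERS)
    return ctx


def audit_ciphers(ctx: ssl.SSLContext) -> list:
    """Names of enabled suites the survey would flag: weak primitives by name,
    or static RSA key exchange (no forward secrecy)."""
    flagged = []
    for suite in ctx.get_ciphers():
        name = suite["name"]
        static_rsa = suite.get("kea") == "kx-rsa"
        if static_rsa or any(tok in name for tok in WEAK_TOKENS):
            flagged.append(name)
    return flagged


def context_summary(ctx: ssl.SSLContext) -> dict:
    """The settings the survey's protocol, compression and ordering tables measure."""
    return {
        "min_version": ctx.minimum_version.name,
        "no_compression": bool(ctx.options & ssl.OP_NO_COMPRESSION),
        "server_order": bool(ctx.options & ssl.OP_CIPHER_SERVER_PREFERENCE),
        "suites": len(ctx.get_ciphers()),
    }


if __name__ == "__main__":
    hardened = make_hardened_server_context()
    print("hardened:", context_summary(hardened), "flagged:", audit_ciphers(hardened))
    # For comparison, the interpreter's stock server context on this machine.
    stock = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
    print("stock:   ", context_summary(stock), "flagged:", audit_ciphers(stock))
```

Running the audit against the stock context is the useful part: what it flags depends on the Python and OpenSSL versions installed, which is exactly why a server that "uses the defaults" keeps showing up in the RC4 and static RSA columns of these tables.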

Results

SSL/TLS survey of 501992 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      424054    84.4743
3DES Only                 812       0.1618
AES                       492491    98.1073
AES Only                  17862     3.5582
AES-CBC                   492390    98.0872
AES-CBC Only              9258      1.8443
AES-GCM                   347128    69.1501
AES-GCM Only              41        0.0082
CAMELLIA                  223605    44.5435
CAMELLIA Only             1         0.0002
CHACHA20                  60925     12.1366
Insecure                  74098     14.7608
RC4                       254399    50.6779
RC4 Only                  1484      0.2956
RC4 Preferred             31098     6.1949
RC4 forced in TLS1.1+     17264     3.4391
x:FF 29 RC4 Only          1823      0.3632
x:FF 29 RC4 Preferred     35210     7.0141
x:FF 29 incompatible      101       0.0201
x:FF 35 RC4 Only          2132      0.4247
x:FF 35 RC4 Preferred     35335     7.039
x:FF 35 incompatible      103       0.0205
y:DHE-RSA-SEED-SHA        90992     18.1262
y:IDEA-CBC-SHA            79674     15.8716
y:SEED-SHA                97028     19.3286
z:ADH-AES128-GCM-SHA256   289       0.0576
z:ADH-AES128-SHA          1315      0.262
z:ADH-AES128-SHA256       198       0.0394
z:ADH-AES256-GCM-SHA384   302       0.0602
z:ADH-AES256-SHA          1320      0.263
z:ADH-AES256-SHA256       200       0.0398
z:ADH-CAMELLIA128-SHA     897       0.1787
z:ADH-CAMELLIA256-SHA     902       0.1797
z:ADH-DES-CBC-SHA         338       0.0673
z:ADH-DES-CBC3-SHA        1333      0.2655
z:ADH-RC4-MD5             1206      0.2402
z:ADH-SEED-SHA            827       0.1647
z:AECDH-AES128-SHA        17845     3.5548
z:AECDH-AES256-SHA        17865     3.5588
z:AECDH-DES-CBC3-SHA      17799     3.5457
z:AECDH-NULL-SHA          50        0.01
z:AECDH-RC4-SHA           17077     3.4018
z:DES-CBC-MD5             13569     2.703
z:DES-CBC-SHA             40067     7.9816
z:DES-CBC3-MD5            26983     5.3752
z:ECDHE-RSA-NULL-SHA      61        0.0122
z:EDH-RSA-DES-CBC-SHA     34341     6.8409
z:EXP-ADH-DES-CBC-SHA     240       0.0478
z:EXP-ADH-RC4-MD5         240       0.0478
z:EXP-DES-CBC-SHA         18671     3.7194
z:EXP-EDH-RSA-DES-CBC-SHA 15391     3.066
z:EXP-RC2-CBC-MD5         22650     4.512
z:EXP-RC4-MD5             23797     4.7405
z:EXP1024-DES-CBC-SHA     5785      1.1524
z:EXP1024-RC4-SHA         5862      1.1677
z:IDEA-CBC-MD5            2484      0.4948
z:NULL-MD5                265       0.0528
z:NULL-SHA                267       0.0532
z:NULL-SHA256             19        0.0038
z:RC2-CBC-MD5             13857     2.7604
z:RC4-64-MD5              1138      0.2267

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               130910    26.0781
Server side               371082    73.9219

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1436      0.2861
AECDH                     17905     3.5668
DHE                       283230    56.4212
ECDH                      1         0.0002
ECDHE                     373639    74.4313
ECDHE and DHE             201985    40.2367
RSA                       459592    91.5537

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               204984    40.8341  72.3737
DH,1536bits               2         0.0004   0.0007
DH,2048bits               70215     13.9873  24.7908
DH,2236bits               3         0.0006   0.0011
DH,2430bits               1         0.0002   0.0004
DH,2432bits               1         0.0002   0.0004
DH,3072bits               2679      0.5337   0.9459
DH,4096bits               4693      0.9349   1.657
DH,512bits                76        0.0151   0.0268
DH,768bits                622       0.1239   0.2196
DH,8192bits               1         0.0002   0.0004
ECDH,B-163,163bits        1         0.0002   0.0003
ECDH,B-571,570bits        1404      0.2797   0.3758
ECDH,K-571,570bits        1         0.0002   0.0003
ECDH,P-192,192bits        2         0.0004   0.0005
ECDH,P-224,224bits        72        0.0143   0.0193
ECDH,P-256,256bits        363944    72.5     97.4052
ECDH,P-384,384bits        3765      0.75     1.0077
ECDH,P-521,521bits        6951      1.3847   1.8604
Prefer DH,1024bits        78380     15.6138  27.6736
Prefer DH,1536bits        1         0.0002   0.0004
Prefer DH,2048bits        3926      0.7821   1.3862
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,3072bits        31        0.0062   0.0109
Prefer DH,4096bits        150       0.0299   0.053
Prefer DH,768bits         228       0.0454   0.0805
Prefer ECDH,B-163,163bits 1         0.0002   0.0003
Prefer ECDH,B-571,570bits 1210      0.241    0.3238
Prefer ECDH,K-571,570bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 42        0.0084   0.0112
Prefer ECDH,P-256,256bits 308148    61.385   82.4721
Prefer ECDH,P-384,384bits 2291      0.4564   0.6132
Prefer ECDH,P-521,521bits 6402      1.2753   1.7134
Prefer PFS                400812    79.8443  0
Support PFS               454884    90.6158  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           405       0.0807   
brainpoolP384r1           405       0.0807   
brainpoolP512r1           405       0.0807   
prime192v1                1373      0.2735   
prime256v1                372791    74.2623  
prime256v1 Only           323403    64.4239  
secp160k1                 1334      0.2657   
secp160r1                 1338      0.2665   
secp160r2                 1334      0.2657   
secp192k1                 1358      0.2705   
secp224k1                 1414      0.2817   
secp224r1                 2898      0.5773   
secp224r1 Only            2         0.0004   
secp256k1                 1708      0.3402   
secp384r1                 49700     9.9006   
secp384r1 Only            314       0.0626   
secp521r1                 17736     3.5331   
secp521r1 Only            116       0.0231   
sect163k1                 1337      0.2663   
sect163k1 Only            2         0.0004   
sect163r1                 1335      0.2659   
sect163r2                 1336      0.2661   
sect163r2 Only            1         0.0002   
sect193r1                 1334      0.2657   
sect193r2                 1333      0.2655   
sect233k1                 1402      0.2793   
sect233r1                 1402      0.2793   
sect239k1                 1401      0.2791   
sect283k1                 1678      0.3343   
sect283r1                 1678      0.3343   
sect409k1                 1678      0.3343   
sect409r1                 1678      0.3343   
sect571k1                 1692      0.3371   
sect571r1                 1691      0.3369   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          83042     16.5425  
True                           242989    48.405   
order-specific                 27        0.0054   
unknown                        175934    35.0472  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    3093      0.6161   
inconclusive-noecc        24        0.0048   
server                    370124    73.7311  
unknown                   128751    25.648   

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     33890     6.7511   
ECDSA-SHA1 Only                2         0.0004   
ECDSA-SHA224                   33884     6.7499   
ECDSA-SHA256                   33890     6.7511   
ECDSA-SHA384                   33889     6.7509   
ECDSA-SHA512                   33893     6.7517   
ECDSA-SHA512 Only              4         0.0008   
RSA-MD5                        157874    31.4495  
RSA-SHA1                       329494    65.6373  
RSA-SHA1 Only                  48447     9.651    
RSA-SHA224                     265179    52.8253  
RSA-SHA256                     286453    57.0633  
RSA-SHA256 Only                4521      0.9006   
RSA-SHA384                     266091    53.007   
RSA-SHA512                     266166    53.022   
RSA-SHA512 Only                71        0.0141   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         233019    46.4189  
indeterminate                  10        0.002    
intolerant                     3229      0.6432   
order-fallback                 23        0.0046   
server                         132720    26.4387  
unsupported                    23607     4.7027   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     33882     6.7495   
ECDSA intolerant               21        0.0042   
RSA False                      153463    30.5708  
RSA SHA1                       148645    29.611   
RSA intolerant                 28673     5.7118   
RSA pfs-ecdsa-SHA512           1         0.0002   
RSA soft-nopfs                 4517      0.8998   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     7266      1.4474   
insecure                  21303     4.2437   
secure                    473423    94.3089  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      11567     2.3042   
False                     7266      1.4474   
NONE                      483159    96.2483  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         2         0.0004   
1 only                    2         0.0004   
2                         2         0.0004   
2 only                    2         0.0004   
5                         2         0.0004   
5 only                    2         0.0004   
10                        7         0.0014   
10 only                   7         0.0014   
15                        9         0.0018   
15 only                   9         0.0018   
30                        12        0.0024   
30 only                   12        0.0024   
60                        106       0.0211   
60 only                   99        0.0197   
70                        7         0.0014   
100                       12        0.0024   
100 only                  12        0.0024   
120                       28        0.0056   
120 only                  28        0.0056   
128                       3         0.0006   
128 only                  3         0.0006   
150                       2         0.0004   
180                       47        0.0094   
180 only                  45        0.009    
240                       10        0.002    
240 only                  10        0.002    
300                       220792    43.9832  
300 only                  215544    42.9377  
400                       8         0.0016   
400 only                  8         0.0016   
420                       117       0.0233   
420 only                  79        0.0157   
480                       13        0.0026   
480 only                  13        0.0026   
500                       5         0.001    
500 only                  5         0.001    
540                       1         0.0002   
540 only                  1         0.0002   
600                       22097     4.4019   
600 only                  21925     4.3676   
720                       3         0.0006   
720 only                  2         0.0004   
900                       597       0.1189   
900 only                  577       0.1149   
960                       2         0.0004   
960 only                  2         0.0004   
1200                      1891      0.3767   
1200 only                 1887      0.3759   
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      9         0.0018   
1500 only                 8         0.0016   
1800                      414       0.0825   
1800 only                 407       0.0811   
2400                      6         0.0012   
2400 only                 5         0.001    
2700                      6         0.0012   
2700 only                 6         0.0012   
3000                      21        0.0042   
3000 only                 21        0.0042   
3300                      1         0.0002   
3300 only                 1         0.0002   
3600                      428       0.0853   
3600 only                 415       0.0827   
3900                      2         0.0004   
3900 only                 2         0.0004   
4200                      1         0.0002   
5400                      18        0.0036   
5400 only                 3         0.0006   
6000                      4         0.0008   
6000 only                 4         0.0008   
7200                      15459     3.0795   
7200 only                 12872     2.5642   
10800                     2078      0.414    
10800 only                2074      0.4132   
14400                     77        0.0153   
14400 only                77        0.0153   
18000                     17        0.0034   
18000 only                17        0.0034   
21600                     5026      1.0012   
21600 only                5024      1.0008   
28800                     2346      0.4673   
28800 only                1578      0.3143   
36000                     1236      0.2462   
36000 only                1230      0.245    
43200                     26        0.0052   
43200 only                26        0.0052   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     47900     9.542    
64800 only                47888     9.5396   
72000                     12        0.0024   
72000 only                12        0.0024   
86000                     41        0.0082   
86000 only                41        0.0082   
86400                     3432      0.6837   
86400 only                3430      0.6833   
100800                    12605     2.511    
100800 only               12595     2.509    
115200                    1         0.0002   
115200 only               1         0.0002   
129600                    7         0.0014   
129600 only               7         0.0014   
172800                    8         0.0016   
172800 only               8         0.0016   
604800                    2         0.0004   
604800 only               2         0.0004   
864000                    2         0.0004   
864000 only               2         0.0004   
None                      173956    34.6531  
None only                 165035    32.876   

Certificate sig alg     Count     Percent 
-------------------------+---------+--------
None                      18593     3.7038   
ecdsa-with-SHA256         33851     6.7433   
sha1WithRSAEncryption     147349    29.3529  
sha256WithRSAEncryption   320910    63.9273  
sha384WithRSAEncryption   4         0.0008   
sha512WithRSAEncryption   9         0.0018   

Certificate key size    Count     Percent 
-------------------------+---------+--------
ECDSA 256                 33898     6.7527   
ECDSA 384                 7         0.0014   
RSA 1024                  106       0.0211   
RSA 10240                 5         0.001    
RSA 2047                  1         0.0002   
RSA 2048                  450327    89.708   
RSA 2049                  3         0.0006   
RSA 2056                  2         0.0004   
RSA 2058                  2         0.0004   
RSA 2064                  1         0.0002   
RSA 2080                  2         0.0004   
RSA 2084                  6         0.0012   
RSA 2096                  1         0.0002   
RSA 2408                  1         0.0002   
RSA 2432                  4         0.0008   
RSA 2612                  2         0.0004   
RSA 2848                  1         0.0002   
RSA 3024                  1         0.0002   
RSA 3071                  1         0.0002   
RSA 3072                  118       0.0235   
RSA 3096                  1         0.0002   
RSA 3102                  1         0.0002   
RSA 3248                  3         0.0006   
RSA 4042                  1         0.0002   
RSA 4048                  1         0.0002   
RSA 4056                  22        0.0044   
RSA 4069                  1         0.0002   
RSA 4086                  1         0.0002   
RSA 4092                  6         0.0012   
RSA 4094                  1         0.0002   
RSA 4096                  17521     3.4903   
RSA 8192                  7         0.0014   
RSA/ECDSA Dual Stack      56        0.0112

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 101152    20.1501  
Unsupported               400840    79.8499  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      27268     5.432
SSL2 Only                 24        0.0048
SSL3                      136796    27.2506
SSL3 Only                 707       0.1408
SSL3 or TLS1 Only         80735     16.0829
SSL3 or lower Only        735       0.1464
TLS1                      498809    99.3659
TLS1 Only                 47086     9.3798
TLS1 or lower Only        106223    21.1603
TLS1.1                    382607    76.2177
TLS1.1 Only               28        0.0056
TLS1.1 or up Only         2220      0.4422
TLS1.2                    392594    78.2072
TLS1.2 Only               994       0.198
TLS1.2, 1.0 but not 1.1   11334     2.2578

Statistics from 526034 chains provided by 685991 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  475051    69.2503
incomplete                24873     3.6258
untrusted                 186067    27.1238

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         327       0.0622
3                         523536    99.5251
4                         2138      0.4064
5                         33        0.0063

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 33853     
ECDSA 384                 33855     
RSA 1024                  308       
RSA 2045                  1         
RSA 2048                  866336    
RSA 4096                  119592    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 33853     6.4355
ECDSA 384                 33855     6.4359
RSA 1024                  306       0.0582
RSA 2045                  1         0.0002
RSA 2048                  491599    93.4538
RSA 4096                  119050    22.6316

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              33853     
sha1WithRSAEncryption          162869    
sha256WithRSAEncryption        225699    
sha384WithRSAEncryption        105464    
sha512WithRSAEncryption        26        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        163116    31.0086
112                       329059    62.5547
128                       33859     6.4367

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA                 112037    21.2984
(d6325660) COMODO RSA Certification Authority 98541     18.7328
(5ad8a5d6) GlobalSign Root CA                 51559     9.8015
(cbf06781) Go Daddy Root Certificate Authorit 47005     8.9357
(eed8c118) COMODO ECC Certification Authority 33844     6.4338
(b204d74a) VeriSign Class 3 Public Primary Ce 30749     5.8454
(2e4eed3c) thawte Primary Root CA             25383     4.8254
(244b5494) DigiCert High Assurance EV Root CA 25365     4.8219
(157753a5) AddTrust External CA Root          15024     2.8561
(653b494a) Baltimore CyberTrust Root          11832     2.2493
(ae8153b9) StartCom Certification Authority   9405      1.7879
(3513523f) DigiCert Global Root CA            6987      1.3282
(fc5a8f99) USERTrust RSA Certification Author 6820      1.2965
(f081611a) The Go Daddy Group, Inc.           6456      1.2273
(480720ec) GeoTrust Primary Certification Aut 5857      1.1134
(f387163d) Starfield Technologies, Inc.       5842      1.1106
(4bfab552) Starfield Root Certificate Authori 5499      1.0454


Scan performed between 14th and 24th of July 2015.

