November 2015 scan results

The number of servers which support TLS has grown by 1.3% since last month.

Cipher suites

Surprisingly, 3.2% more servers support just AES cipher suites now. At the same time, Camellia lost 3.7% of market share.

The good news is that RC4 support has dropped by 4.7%. Unfortunately, the number of servers which default to RC4 is still rather high, at the 4% mark.

Ciphersuites which are completely insecure have lost just 0.5%.

Essentially no change in server side vs client side cipher ordering, with just a small increase in the former.

Key exchange

Ciphersuites which provide forward secrecy are still growing, with ECDHE gaining 0.7% and support for ECDHE and DHE at the same time gaining 0.3%.

As usual, most of the gains come from the P-256 curve, which increased by 0.65%.

We're now at the 85% mark for servers which prefer forward secure ciphersuites, an increase of 1.11% since last month.

Hash and signature algorithms

Support for the obsolete RSA-MD5 signature algorithm continues to drop, but rather slowly, losing just 1.1% since the previous survey.

Fortunately, servers which are limited to just RSA-SHA1 signatures are also dropping, with 0.3% fewer servers forcing this mechanism on clients. Support for stronger algorithms like SHA256 is still rather slow on the uptick, gaining just 0.7%.

Vulnerabilities

Little change here: still 3.5% of servers are vulnerable to insecure renegotiation attacks and just under 2% are vulnerable to the CRIME attack.

Certificates

Use of SHA-256 signatures in certificates continues its rise as the de facto signature standard, gaining 1.5% since last month.

This is also the first time that certificates with ECDSA signatures have broken into double digits, through an increase of 0.6%. We are less than 5% away from the two most popular signature methods both using SHA-256.

Only minimal changes in the key sizes department: ECDSA 256-bit keys have also increased by 0.6%, gaining a double-digit market share.

At the same time, 2.6% of servers use a configuration in which they support both of those public key standards.

Protocols

Little to no change here. SSLv2 and SSLv3 are losing, TLSv1.0 is more or less stable, TLSv1.1 and TLSv1.2 are gaining. All changes are below the 0.5% mark.

Results

SSL/TLS survey of 530912 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      457179    86.112
3DES Only                 577       0.1087
AES                       523844    98.6687
AES Only                  40463     7.6214
AES-CBC                   523220    98.5512
AES-CBC Only              10280     1.9363
AES-GCM                   398334    75.0283
AES-GCM Only              481       0.0906
CAMELLIA                  217685    41.0021
CAMELLIA Only             1         0.0002
CHACHA20                  67665     12.7451
CHACHA20 Only             2         0.0004
Insecure                  60479     11.3915
RC4                       191727    36.1128
RC4 Only                  977       0.184
RC4 Preferred             21462     4.0425
RC4 forced in TLS1.1+     11194     2.1084
x:FF 29 RC4 Only          1213      0.2285
x:FF 29 RC4 Preferred     23754     4.4742
x:FF 29 incompatible      400       0.0753
x:FF 35 RC4 Only          1476      0.278
x:FF 35 RC4 Preferred     23839     4.4902
x:FF 35 incompatible      402       0.0757
y:DHE-RSA-SEED-SHA        65003     12.2436
y:IDEA-CBC-SHA            59414     11.1909
y:SEED-SHA                76068     14.3278
z:ADH-AES128-GCM-SHA256   396       0.0746
z:ADH-AES128-SHA          744       0.1401
z:ADH-AES128-SHA256       292       0.055
z:ADH-AES256-GCM-SHA384   408       0.0768
z:ADH-AES256-SHA          756       0.1424
z:ADH-AES256-SHA256       293       0.0552
z:ADH-CAMELLIA128-SHA     374       0.0704
z:ADH-CAMELLIA256-SHA     382       0.072
z:ADH-DES-CBC-SHA         303       0.0571
z:ADH-DES-CBC3-SHA        756       0.1424
z:ADH-RC4-MD5             616       0.116
z:ADH-SEED-SHA            305       0.0574
z:AECDH-AES128-SHA        10719     2.019
z:AECDH-AES256-SHA        10755     2.0258
z:AECDH-DES-CBC3-SHA      10685     2.0126
z:AECDH-NULL-SHA          63        0.0119
z:AECDH-RC4-SHA           10125     1.9071
z:DES-CBC-MD5             11270     2.1228
z:DES-CBC-SHA             36559     6.8861
z:DES-CBC3-MD5            23236     4.3766
z:ECDHE-RSA-NULL-SHA      68        0.0128
z:EDH-RSA-DES-CBC-SHA     31274     5.8906
z:EXP-ADH-DES-CBC-SHA     203       0.0382
z:EXP-ADH-RC4-MD5         199       0.0375
z:EXP-DES-CBC-SHA         14643     2.7581
z:EXP-EDH-RSA-DES-CBC-SHA 11812     2.2249
z:EXP-RC2-CBC-MD5         17779     3.3488
z:EXP-RC4-MD5             18577     3.4991
z:EXP1024-DES-CBC-SHA     4531      0.8534
z:EXP1024-RC4-SHA         4613      0.8689
z:IDEA-CBC-MD5            2255      0.4247
z:NULL-MD5                237       0.0446
z:NULL-SHA                236       0.0445
z:NULL-SHA256             32        0.006
z:RC2-CBC-MD5             11512     2.1683
z:RC4-64-MD5              922       0.1737

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               134022    25.2437
Server side               396890    74.7563

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       896       0.1688
AECDH                     10782     2.0308
DHE                       289298    54.4908
ECDH                      3         0.0006
ECDHE                     425231    80.0944
ECDHE and DHE             223210    42.0427
RSA                       458647    86.3885

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               159457    30.0345  55.1186
DH,1536bits               1         0.0002   0.0003
DH,2048bits               121879    22.9565  42.1292
DH,2236bits               14        0.0026   0.0048
DH,3072bits               108       0.0203   0.0373
DH,3092bits               1         0.0002   0.0003
DH,4096bits               7458      1.4048   2.578
DH,512bits                40        0.0075   0.0138
DH,6144bits               1         0.0002   0.0003
DH,768bits                439       0.0827   0.1517
DH,8192bits               2         0.0004   0.0007
ECDH,B-571,570bits        1680      0.3164   0.3951
ECDH,K-571,570bits        1         0.0002   0.0002
ECDH,P-192,192bits        11        0.0021   0.0026
ECDH,P-224,224bits        81        0.0153   0.019
ECDH,P-256,256bits        411892    77.582   96.8631
ECDH,P-384,384bits        3589      0.676    0.844
ECDH,P-521,521bits        9333      1.7579   2.1948
Prefer DH,1024bits        58262     10.9739  20.1391
Prefer DH,1536bits        1         0.0002   0.0003
Prefer DH,2048bits        10378     1.9547   3.5873
Prefer DH,2236bits        1         0.0002   0.0003
Prefer DH,3072bits        13        0.0024   0.0045
Prefer DH,4096bits        392       0.0738   0.1355
Prefer DH,768bits         66        0.0124   0.0228
Prefer ECDH,B-571,570bits 1478      0.2784   0.3476
Prefer ECDH,K-571,570bits 1         0.0002   0.0002
Prefer ECDH,P-224,224bits 78        0.0147   0.0183
Prefer ECDH,P-256,256bits 370937    69.8679  87.2319
Prefer ECDH,P-384,384bits 3291      0.6199   0.7739
Prefer ECDH,P-521,521bits 8426      1.5871   1.9815
Prefer PFS                453324    85.3859  0
Support PFS               491319    92.5425  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           2073      0.3905   
brainpoolP384r1           2074      0.3906   
brainpoolP512r1           2074      0.3906   
prime192v1                1449      0.2729   
prime256v1                422425    79.5659  
prime256v1 Only           368568    69.4217  
secp160k1                 1406      0.2648   
secp160r1                 1411      0.2658   
secp160r2                 1406      0.2648   
secp192k1                 1423      0.268    
secp224k1                 1491      0.2808   
secp224r1                 4011      0.7555   
secp256k1                 3482      0.6559   
secp384r1                 54256     10.2194  
secp384r1 Only            444       0.0836   
secp521r1                 23612     4.4474   
secp521r1 Only            128       0.0241   
sect163k1                 1415      0.2665   
sect163k1 Only            2         0.0004   
sect163r1                 1413      0.2661   
sect163r2                 1409      0.2654   
sect193r1                 1409      0.2654   
sect193r2                 1407      0.265    
sect233k1                 1486      0.2799   
sect233r1                 1486      0.2799   
sect239k1                 1486      0.2799   
sect283k1                 3447      0.6493   
sect283k1 Only            2         0.0004   
sect283r1                 3442      0.6483   
sect409k1                 3444      0.6487   
sect409r1                 3443      0.6485   
sect571k1                 3454      0.6506   
sect571r1                 3454      0.6506   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          69315     13.0558  
True                           299493    56.411   
order-specific                 82        0.0154   
unknown                        162022    30.5177  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    5116      0.9636   
inconclusive-noecc        8         0.0015   
server                    417915    78.7164  
unknown                   107873    20.3184  

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     39752     7.4875   
ECDSA-SHA1 Only                2         0.0004   
ECDSA-SHA224                   39755     7.4881   
ECDSA-SHA256                   53701     10.1149  
ECDSA-SHA384                   53712     10.1169  
ECDSA-SHA512                   53734     10.1211  
ECDSA-SHA512 Only              22        0.0041   
RSA-MD5                        164964    31.0718  
RSA-SHA1                       368019    69.3183  
RSA-SHA1 Only                  42674     8.0379   
RSA-SHA224                     303273    57.123   
RSA-SHA256                     332849    62.6938  
RSA-SHA256 Only                6204      1.1686   
RSA-SHA384                     304966    57.4419  
RSA-SHA384 Only                1         0.0002   
RSA-SHA512                     305210    57.4879  
RSA-SHA512 Only                277       0.0522   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         233407    43.9634  
indeterminate                  45        0.0085   
intolerant                     4576      0.8619   
order-fallback                 8         0.0015   
server                         177923    33.5127  
unsupported                    21601     4.0687   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     39724     7.4822   
ECDSA intolerant               116       0.0218   
ECDSA pfs-rsa-SHA512           13917     2.6213   
ECDSA soft-nopfs               3         0.0006   
RSA False                      163706    30.8349  
RSA SHA1                       176523    33.249   
RSA intolerant                 35829     6.7486   
RSA pfs-ecdsa-SHA512           27        0.0051   
RSA soft-nopfs                 1308      0.2464   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     6621      1.2471   
insecure                  18673     3.5172   
secure                    505618    95.2357  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      9772      1.8406   
False                     6621      1.2471   
NONE                      514519    96.9123  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         4         0.0008   
1 only                    4         0.0008   
2                         2         0.0004   
2 only                    2         0.0004   
10                        11        0.0021   
10 only                   11        0.0021   
15                        10        0.0019   
15 only                   10        0.0019   
30                        10        0.0019   
30 only                   9         0.0017   
60                        97        0.0183   
60 only                   90        0.017    
65                        2         0.0004   
65 only                   2         0.0004   
70                        6         0.0011   
100                       15        0.0028   
100 only                  15        0.0028   
120                       27        0.0051   
120 only                  27        0.0051   
128                       2         0.0004   
128 only                  2         0.0004   
150                       2         0.0004   
180                       41        0.0077   
180 only                  38        0.0072   
240                       5         0.0009   
240 only                  5         0.0009   
300                       244735    46.0971  
300 only                  240267    45.2555  
302                       3         0.0006   
302 only                  3         0.0006   
360                       2         0.0004   
360 only                  1         0.0002   
400                       8         0.0015   
400 only                  8         0.0015   
420                       124       0.0234   
420 only                  97        0.0183   
450                       1         0.0002   
450 only                  1         0.0002   
480                       13        0.0024   
480 only                  13        0.0024   
500                       3         0.0006   
500 only                  3         0.0006   
540                       1         0.0002   
540 only                  1         0.0002   
600                       26475     4.9867   
600 only                  26305     4.9547   
700                       1         0.0002   
700 only                  1         0.0002   
720                       1         0.0002   
720 only                  1         0.0002   
840                       1         0.0002   
840 only                  1         0.0002   
900                       878       0.1654   
900 only                  861       0.1622   
960                       2         0.0004   
960 only                  2         0.0004   
1200                      2334      0.4396   
1200 only                 2330      0.4389   
1320                      1         0.0002   
1320 only                 1         0.0002   
1500                      9         0.0017   
1500 only                 8         0.0015   
1800                      499       0.094    
1800 only                 490       0.0923   
1980                      1         0.0002   
1980 only                 1         0.0002   
2100                      1         0.0002   
2100 only                 1         0.0002   
2400                      8         0.0015   
2400 only                 8         0.0015   
2700                      10        0.0019   
2700 only                 10        0.0019   
3000                      26        0.0049   
3000 only                 26        0.0049   
3600                      573       0.1079   
3600 only                 560       0.1055   
3900                      3         0.0006   
3900 only                 3         0.0006   
4200                      1         0.0002   
5160                      1         0.0002   
5160 only                 1         0.0002   
5400                      13        0.0024   
5400 only                 6         0.0011   
6000                      179       0.0337   
6000 only                 179       0.0337   
7200                      15645     2.9468   
7200 only                 15623     2.9427   
10800                     3114      0.5865   
10800 only                3110      0.5858   
14400                     99        0.0186   
14400 only                99        0.0186   
18000                     8         0.0015   
18000 only                8         0.0015   
21600                     4849      0.9133   
21600 only                4637      0.8734   
25200                     1         0.0002   
25200 only                1         0.0002   
28800                     3555      0.6696   
28800 only                3543      0.6673   
36000                     1157      0.2179   
36000 only                1150      0.2166   
43200                     40        0.0075   
43200 only                40        0.0075   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     51789     9.7547   
64800 only                51762     9.7496   
72000                     29        0.0055   
72000 only                29        0.0055   
84600                     1         0.0002   
84600 only                1         0.0002   
86000                     39        0.0073   
86000 only                39        0.0073   
86400                     3482      0.6559   
86400 only                3471      0.6538   
100800                    10699     2.0152   
100800 only               10688     2.0131   
129600                    10        0.0019   
129600 only               10        0.0019   
172800                    9         0.0017   
172800 only               9         0.0017   
216000                    2         0.0004   
216000 only               2         0.0004   
432000                    2         0.0004   
432000 only               2         0.0004   
604800                    5         0.0009   
604800 only               3         0.0006   
864000                    3         0.0006   
864000 only               3         0.0006   
None                      165273    31.13    
None only                 160236    30.1813  

Certificate sig alg       Count     Percent 
-------------------------+---------+--------
None                      11419     2.1508   
ecdsa-with-SHA256         53709     10.1164  
sha1WithRSAEncryption     79229     14.9232  
sha256WithRSAEncryption   413158    77.8204  
sha384WithRSAEncryption   6         0.0011   
sha512WithRSAEncryption   33        0.0062   

Certificate key size      Count     Percent 
-------------------------+---------+--------
ECDSA 256                 53748     10.1237  
ECDSA 384                 12        0.0023   
ECDSA 521                 1         0.0002   
RSA 1024                  38        0.0072   
RSA 10240                 8         0.0015   
RSA 2048                  470388    88.6     
RSA 2049                  4         0.0008   
RSA 2056                  1         0.0002   
RSA 2058                  2         0.0004   
RSA 2064                  1         0.0002   
RSA 2084                  3         0.0006   
RSA 2096                  1         0.0002   
RSA 2408                  2         0.0004   
RSA 2432                  2         0.0004   
RSA 2480                  1         0.0002   
RSA 3071                  1         0.0002   
RSA 3072                  144       0.0271   
RSA 3096                  2         0.0004   
RSA 3120                  2         0.0004   
RSA 3248                  2         0.0004   
RSA 4042                  1         0.0002   
RSA 4048                  1         0.0002   
RSA 4056                  22        0.0041   
RSA 4069                  1         0.0002   
RSA 4086                  1         0.0002   
RSA 4092                  6         0.0011   
RSA 4094                  1         0.0002   
RSA 4096                  20509     3.863    
RSA 4098                  1         0.0002   
RSA 4196                  1         0.0002   
RSA 8192                  3         0.0006   
RSA/ECDSA Dual Stack      13986     2.6343

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 115313    21.7198  
Unsupported               415599    78.2802  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      23492     4.4248
SSL2 Only                 19        0.0036
SSL3                      121502    22.8855
SSL3 Only                 470       0.0885
SSL3 or TLS1 Only         68017     12.8114
SSL3 or lower Only        487       0.0917
TLS1                      525297    98.9424
TLS1 Only                 40462     7.6212
TLS1 or lower Only        89960     16.9444
TLS1.1                    427273    80.4791
TLS1.1 Only               312       0.0588
TLS1.1 or up Only         4757      0.896
TLS1.2                    437543    82.4135
TLS1.2 Only               2067      0.3893
TLS1.2, 1.0 but not 1.1   11005     2.0728



Statistics from 566530 chains provided by 702674 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  500948    71.2917
incomplete                27324     3.8886
untrusted                 174402    24.8198

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         40        0.0071
3                         564250    99.5975
4                         2220      0.3919
5                         20        0.0035

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 53700     
ECDSA 384                 53703     
RSA 1024                  38        
RSA 2045                  3         
RSA 2048                  886848    
RSA 4096                  140988    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 53700     9.4788
ECDSA 384                 53703     9.4793
RSA 1024                  36        0.0064
RSA 2045                  3         0.0005
RSA 2048                  512489    90.4611
RSA 4096                  140488    24.798

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              53695     
sha1WithRSAEncryption          87476     
sha256WithRSAEncryption        301918    
sha384WithRSAEncryption        125587    
sha512WithRSAEncryption        74        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        87515     15.4475
112                       425304    75.0718
128                       53711     9.4807

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(d6325660) COMODO RSA Certification Authority 116038    20.4822
(2c543cd1) GeoTrust Global CA                 109648    19.3543
(eed8c118) COMODO ECC Certification Authority 53687     9.4765
(cbf06781) Go Daddy Root Certificate Authorit 48182     8.5048
(5ad8a5d6) GlobalSign Root CA                 44132     7.7899
(b204d74a) VeriSign Class 3 Public Primary Ce 32386     5.7166
(244b5494) DigiCert High Assurance EV Root CA 26649     4.7039
(2e4eed3c) thawte Primary Root CA             22839     4.0314
(157753a5) AddTrust External CA Root          21671     3.8252
(653b494a) Baltimore CyberTrust Root          12055     2.1279
(fc5a8f99) USERTrust RSA Certification Author 9450      1.668
(ae8153b9) StartCom Certification Authority   9327      1.6463
(4bfab552) Starfield Root Certificate Authori 9162      1.6172
(3513523f) DigiCert Global Root CA            8636      1.5244

Scan performed between 22nd November and 3rd of December 2015
