December 2015 scan results

The past few months were a bit eventful, so I wasn’t able to dedicate as much time to cipherscan as I’d like.

So as not to let the results bitrot any more, I’m posting them without the detailed analysis.

There were no interesting changes compared to November anyway – just a continuation of established trends.

SSL/TLS survey of 536563 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      459320    85.6041
AES                       530014    98.7795
AES Only                  45794     8.5347
AES-CBC                   529364    98.6583
AES-CBC Only              10074     1.8775
AES-GCM                   412370    76.854
AES-GCM Only              538       0.1003
CAMELLIA                  222494    41.4665
CAMELLIA Only             3         0.0006
CHACHA20                  69686     12.9875
CHACHA20 Only             6         0.0011
Insecure                  57699     10.7534
RC4                       183979    34.2884
RC4 Only                  864       0.161
RC4 Preferred             19979     3.7235
RC4 forced in TLS1.1+     10502     1.9573
x:FF 29 RC4 Only          1093      0.2037
x:FF 29 RC4 Preferred     22208     4.1389
x:FF 29 incompatible      391       0.0729
x:FF 35 RC4 Only          1327      0.2473
x:FF 35 RC4 Preferred     22286     4.1535
x:FF 35 incompatible      395       0.0736
y:DHE-RSA-SEED-SHA        66508     12.3952
y:IDEA-CBC-SHA            61454     11.4533
y:SEED-SHA                77575     14.4578
z:ADH-AES128-GCM-SHA256   397       0.074
z:ADH-AES128-SHA          727       0.1355
z:ADH-AES128-SHA256       282       0.0526
z:ADH-AES256-GCM-SHA384   407       0.0759
z:ADH-AES256-SHA          745       0.1388
z:ADH-AES256-SHA256       282       0.0526
z:ADH-CAMELLIA128-SHA     367       0.0684
z:ADH-CAMELLIA256-SHA     379       0.0706
z:ADH-DES-CBC-SHA         309       0.0576
z:ADH-DES-CBC3-SHA        744       0.1387
z:ADH-RC4-MD5             597       0.1113
z:ADH-SEED-SHA            296       0.0552
z:AECDH-AES128-SHA        9967      1.8576
z:AECDH-AES256-SHA        10016     1.8667
z:AECDH-DES-CBC3-SHA      9935      1.8516
z:AECDH-NULL-SHA          60        0.0112
z:AECDH-RC4-SHA           9381      1.7484
z:DES-CBC-MD5             10532     1.9629
z:DES-CBC-SHA             35384     6.5946
z:DES-CBC3-MD5            21789     4.0608
z:ECDHE-RSA-NULL-SHA      64        0.0119
z:EDH-RSA-DES-CBC-SHA     30143     5.6178
z:EXP-ADH-DES-CBC-SHA     206       0.0384
z:EXP-ADH-RC4-MD5         201       0.0375
z:EXP-DES-CBC-SHA         13685     2.5505
z:EXP-EDH-RSA-DES-CBC-SHA 10941     2.0391
z:EXP-RC2-CBC-MD5         16617     3.0969
z:EXP-RC4-MD5             17371     3.2375
z:EXP1024-DES-CBC-SHA     4273      0.7964
z:EXP1024-RC4-SHA         4354      0.8115
z:IDEA-CBC-MD5            2139      0.3986
z:NULL-MD5                227       0.0423
z:NULL-SHA                227       0.0423
z:NULL-SHA256             28        0.0052
z:RC2-CBC-MD5             10751     2.0037
z:RC4-64-MD5              880       0.164

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               132599    24.7127
Server side               403964    75.2873

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       892       0.1662
AECDH                     10038     1.8708
DHE                       290879    54.2115
ECDH                      3         0.0006
ECDHE                     438449    81.7144
ECDHE and DHE             230817    43.0177
RSA                       462690    86.2322

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               156486    29.1645  53.7976
DH,1338bits               1         0.0002   0.0003
DH,1536bits               1         0.0002   0.0003
DH,2048bits               125695    23.426   43.2121
DH,2236bits               13        0.0024   0.0045
DH,2432bits               2         0.0004   0.0007
DH,2560bits               1         0.0002   0.0003
DH,3072bits               96        0.0179   0.033
DH,3092bits               1         0.0002   0.0003
DH,4094bits               1         0.0002   0.0003
DH,4096bits               8225      1.5329   2.8276
DH,4098bits               1         0.0002   0.0003
DH,512bits                39        0.0073   0.0134
DH,6144bits               2         0.0004   0.0007
DH,768bits                413       0.077    0.142
DH,8192bits               2         0.0004   0.0007
ECDH,B-571,570bits        1680      0.3131   0.3832
ECDH,K-163,163bits        1         0.0002   0.0002
ECDH,P-192,192bits        13        0.0024   0.003
ECDH,P-224,224bits        85        0.0158   0.0194
ECDH,P-256,256bits        424488    79.1124  96.8158
ECDH,P-384,384bits        3868      0.7209   0.8822
ECDH,P-521,521bits        9879      1.8412   2.2532
Prefer DH,1024bits        55460     10.3362  19.0663
Prefer DH,1536bits        1         0.0002   0.0003
Prefer DH,2048bits        7764      1.447    2.6692
Prefer DH,3072bits        10        0.0019   0.0034
Prefer DH,4096bits        364       0.0678   0.1251
Prefer DH,768bits         48        0.0089   0.0165
Prefer ECDH,B-571,570bits 1483      0.2764   0.3382
Prefer ECDH,K-163,163bits 1         0.0002   0.0002
Prefer ECDH,P-224,224bits 82        0.0153   0.0187
Prefer ECDH,P-256,256bits 386031    71.9451  88.0447
Prefer ECDH,P-384,384bits 2985      0.5563   0.6808
Prefer ECDH,P-521,521bits 8928      1.6639   2.0363
Prefer PFS                463157    86.3192  0
Support PFS               498511    92.9082  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           2250      0.4193   
brainpoolP384r1           2253      0.4199   
brainpoolP512r1           2257      0.4206   
prime192v1                1426      0.2658   
prime256v1                435505    81.1657  
prime256v1 Only           381299    71.0632  
secp160k1                 1377      0.2566   
secp160r1                 1382      0.2576   
secp160r2                 1376      0.2564   
secp192k1                 1394      0.2598   
secp224k1                 1465      0.273    
secp224r1                 4037      0.7524   
secp224r1 Only            1         0.0002   
secp256k1                 3628      0.6762   
secp384r1                 54625     10.1805  
secp384r1 Only            479       0.0893   
secp521r1                 24462     4.559    
secp521r1 Only            129       0.024    
sect163k1                 1388      0.2587   
sect163k1 Only            1         0.0002   
sect163r1                 1387      0.2585   
sect163r2                 1387      0.2585   
sect193r1                 1385      0.2581   
sect193r2                 1384      0.2579   
sect233k1                 1466      0.2732   
sect233r1                 1464      0.2728   
sect239k1                 1461      0.2723   
sect283k1                 3583      0.6678   
sect283r1                 3581      0.6674   
sect409k1                 3584      0.668    
sect409r1                 3584      0.668    
sect571k1                 3594      0.6698   
sect571r1                 3596      0.6702   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          67862     12.6475  
True                           312481    58.2375  
order-specific                 96        0.0179   
unknown                        156124    29.097   

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    5459      1.0174   
inconclusive-noecc        12        0.0022   
server                    430685    80.2674  
unknown                   100407    18.713   

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     41280     7.6934   
ECDSA-SHA1 Only                2         0.0004   
ECDSA-SHA224                   41274     7.6923   
ECDSA-SHA256                   55318     10.3097  
ECDSA-SHA384                   55314     10.3089  
ECDSA-SHA512                   55315     10.3091  
ECDSA-SHA512 Only              1         0.0002   
RSA-MD5                        156847    29.2318  
RSA-SHA1                       379786    70.7813  
RSA-SHA1 Only                  42067     7.8401   
RSA-SHA224                     314857    58.6803  
RSA-SHA256                     345177    64.3311  
RSA-SHA256 Only                6253      1.1654   
RSA-SHA384                     316545    58.9949  
RSA-SHA384 Only                1         0.0002   
RSA-SHA512                     316760    59.035   
RSA-SHA512 Only                293       0.0546   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         241325    44.9761  
indeterminate                  115       0.0214   
intolerant                     4940      0.9207   
order-fallback                 4         0.0007   
server                         182715    34.0529  
unsupported                    21177     3.9468   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     41260     7.6897   
ECDSA intolerant               48        0.0089   
ECDSA pfs-rsa-SHA512           14029     2.6146   
ECDSA soft-nopfs               2         0.0004   
RSA False                      155749    29.0272  
RSA SHA1                       196182    36.5627  
RSA intolerant                 36096     6.7273   
RSA pfs-ecdsa-SHA512           8         0.0015   
RSA soft-nopfs                 1168      0.2177   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     6429      1.1982   
insecure                  17943     3.3441   
secure                    512191    95.4578  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      9264      1.7265   
False                     6429      1.1982   
NONE                      520870    97.0753  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         5         0.0009   
1 only                    5         0.0009   
2                         2         0.0004   
2 only                    2         0.0004   
5                         1         0.0002   
5 only                    1         0.0002   
10                        12        0.0022   
10 only                   12        0.0022   
15                        8         0.0015   
15 only                   8         0.0015   
30                        17        0.0032   
30 only                   15        0.0028   
60                        98        0.0183   
60 only                   93        0.0173   
65                        2         0.0004   
65 only                   2         0.0004   
70                        6         0.0011   
100                       16        0.003    
100 only                  16        0.003    
120                       29        0.0054   
120 only                  29        0.0054   
128                       3         0.0006   
128 only                  3         0.0006   
150                       2         0.0004   
180                       48        0.0089   
180 only                  45        0.0084   
240                       8         0.0015   
240 only                  8         0.0015   
300                       254800    47.4874  
300 only                  250537    46.6929  
302                       3         0.0006   
302 only                  3         0.0006   
360                       2         0.0004   
360 only                  1         0.0002   
400                       6         0.0011   
400 only                  6         0.0011   
420                       133       0.0248   
420 only                  105       0.0196   
480                       15        0.0028   
480 only                  15        0.0028   
500                       4         0.0007   
500 only                  4         0.0007   
540                       1         0.0002   
540 only                  1         0.0002   
600                       27913     5.2022   
600 only                  27746     5.1711   
700                       1         0.0002   
700 only                  1         0.0002   
840                       1         0.0002   
840 only                  1         0.0002   
900                       923       0.172    
900 only                  896       0.167    
960                       1         0.0002   
960 only                  1         0.0002   
1200                      2345      0.437    
1200 only                 2339      0.4359   
1320                      1         0.0002   
1320 only                 1         0.0002   
1500                      11        0.0021   
1500 only                 10        0.0019   
1800                      536       0.0999   
1800 only                 528       0.0984   
1980                      1         0.0002   
1980 only                 1         0.0002   
2100                      1         0.0002   
2100 only                 1         0.0002   
2400                      8         0.0015   
2400 only                 8         0.0015   
2700                      10        0.0019   
2700 only                 10        0.0019   
3000                      26        0.0048   
3000 only                 26        0.0048   
3300                      1         0.0002   
3300 only                 1         0.0002   
3600                      614       0.1144   
3600 only                 602       0.1122   
3900                      1         0.0002   
3900 only                 1         0.0002   
4100                      1         0.0002   
4100 only                 1         0.0002   
5160                      1         0.0002   
5160 only                 1         0.0002   
5400                      14        0.0026   
5400 only                 7         0.0013   
6000                      200       0.0373   
6000 only                 200       0.0373   
7200                      15561     2.9001   
7200 only                 15539     2.896    
10800                     3493      0.651    
10800 only                3481      0.6488   
14400                     98        0.0183   
14400 only                98        0.0183   
18000                     8         0.0015   
18000 only                8         0.0015   
21600                     4783      0.8914   
21600 only                4783      0.8914   
25200                     1         0.0002   
25200 only                1         0.0002   
28800                     2385      0.4445   
28800 only                2380      0.4436   
36000                     1170      0.2181   
36000 only                1163      0.2167   
43200                     39        0.0073   
43200 only                39        0.0073   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     4661      0.8687   
64800 only                4660      0.8685   
72000                     31        0.0058   
72000 only                31        0.0058   
79200                     1         0.0002   
79200 only                1         0.0002   
86000                     46        0.0086   
86000 only                46        0.0086   
86400                     3553      0.6622   
86400 only                3545      0.6607   
100800                    10783     2.0096   
100800 only               10771     2.0074   
115200                    1         0.0002   
115200 only               1         0.0002   
129600                    8         0.0015   
129600 only               8         0.0015   
172800                    9         0.0017   
172800 only               9         0.0017   
216000                    1         0.0002   
216000 only               1         0.0002   
432000                    2         0.0004   
432000 only               2         0.0004   
604800                    2         0.0004   
604800 only               1         0.0002   
None                      206697    38.5224  
None only                 202099    37.6655  

Certificate sig alg       Count     Percent 
-------------------------+---------+--------
None                      10673     1.9891   
ecdsa-with-SHA256         55263     10.2994  
sha1WithRSAEncryption     66180     12.3341  
sha256WithRSAEncryption   429902    80.1214  
sha384WithRSAEncryption   5         0.0009   
sha512WithRSAEncryption   37        0.0069   

Certificate key size      Count     Percent 
-------------------------+---------+--------
ECDSA 256                 55328     10.3116  
ECDSA 384                 15        0.0028   
RSA 1024                  33        0.0062   
RSA 2048                  474602    88.4522  
RSA 2049                  2         0.0004   
RSA 2058                  3         0.0006   
RSA 2064                  1         0.0002   
RSA 2084                  4         0.0007   
RSA 2096                  2         0.0004   
RSA 2408                  1         0.0002   
RSA 2480                  1         0.0002   
RSA 3071                  1         0.0002   
RSA 3072                  127       0.0237   
RSA 3096                  2         0.0004   
RSA 3248                  3         0.0006   
RSA 4042                  1         0.0002   
RSA 4048                  1         0.0002   
RSA 4056                  24        0.0045   
RSA 4069                  1         0.0002   
RSA 4092                  6         0.0011   
RSA 4094                  2         0.0004   
RSA 4095                  1         0.0002   
RSA 4096                  20517     3.8238   
RSA 4098                  1         0.0002   
RSA 4196                  2         0.0004   
RSA 8192                  6         0.0011   
RSA/ECDSA Dual Stack      14112     2.6301

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 122156    22.7664  
Unsupported               414407    77.2336  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      22019     4.1037
SSL2 Only                 16        0.003
SSL3                      114551    21.349
SSL3 Only                 451       0.0841
SSL3 or TLS1 Only         62546     11.6568
SSL3 or lower Only        465       0.0867
TLS1                      530535    98.8766
TLS1 Only                 38783     7.228
TLS1 or lower Only        83051     15.4783
TLS1.1                    440269    82.0536
TLS1.1 Only               341       0.0636
TLS1.1 or up Only         5269      0.982
TLS1.2                    450259    83.9154
TLS1.2 Only               2150      0.4007
TLS1.2, 1.0 but not 1.1   10510     1.9588


Statistics from 571668 chains provided by 706831 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  509502    72.0826
incomplete                25925     3.6678
untrusted                 171404    24.2496

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         33        0.0058
3                         569492    99.6194
4                         2129      0.3724
5                         14        0.0024

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 55261     
ECDSA 384                 55264     
RSA 1024                  33        
RSA 2045                  3         
RSA 2048                  886633    
RSA 4096                  148266    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 55261     9.6666
ECDSA 384                 55264     9.6671
RSA 1024                  31        0.0054
RSA 2045                  3         0.0005
RSA 2048                  516046    90.2702
RSA 4096                  147728    25.8416

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              55257     
sha1WithRSAEncryption          74114     
sha256WithRSAEncryption        311465    
sha384WithRSAEncryption        132882    
sha512WithRSAEncryption        74        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        74154     12.9715
112                       442237    77.3591
128                       55277     9.6694

Most common root CAs                          Count     Percent
---------------------------------------------+---------+-------
(157753a5) AddTrust External CA Root          21173     3.7037
(244b5494) DigiCert High Assurance EV Root CA 22796     3.9876
(2c543cd1) GeoTrust Global CA                 103983    18.1894
(2e4eed3c) thawte Primary Root CA             22155     3.8755
(3513523f) DigiCert Global Root CA            8921      1.5605
(4bfab552) Starfield Root Certificate Authori 7786      1.362
(5ad8a5d6) GlobalSign Root CA                 49934     8.7348
(653b494a) Baltimore CyberTrust Root          11652     2.0382
(ae8153b9) StartCom Certification Authority   9075      1.5875
(b204d74a) VeriSign Class 3 Public Primary Ce 33097     5.7895
(cbf06781) Go Daddy Root Certificate Authorit 50135     8.77
(d6325660) COMODO RSA Certification Authority 118944    20.8065
(eed8c118) COMODO ECC Certification Authority 55250     9.6647
(fc5a8f99) USERTrust RSA Certification Author 13826     2.4185


Scan performed between 15th of December and 26th of December 2015.

2 comments

  1. With the launch of Censys.io it seems that the cipherscan results are no longer available at either scans.io or censys.io? Are there plans to make the scan data available again in the future?

    Censys is great, but cipherscan provided information that is not currently available there.

    Thanks

    1. Thanks for the info. I’ll be uploading the new results relatively soon to scans.io, so I’ll definitely take a look at why they are not listed there.

      Because I don’t cooperate closely with the UoM/zmap team, it’s unlikely that cipherscan data will get included in Censys (I definitely don’t have the time to work on that).
