1 / 18

Changes in Deployment of Cryptography: Analysis of SSL/TLS Web Servers

This study, presented at the Usenix Security Symposium 2001, explores how to measure changes in crypto deployment on SSL/TLS web servers using a methodology involving SSLStats, Perl scripts, and search engine queries. The research categorizes servers as strong, medium, or weak based on key size, certificate validity, and cipher suite strength, providing insights into the evolution of cryptographic practices. Results show trends in server security levels and the prevalence of weak server types over time.

leoortega
Download Presentation

Changes in Deployment of Cryptography: Analysis of SSL/TLS Web Servers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Changes in Deployment of Cryptography Eric Murray Usenix Security Symposium 2001

  2. Introduction • How to measure changes in crypto deployment? • SSL/TLS webservers • commonly used crypto software/hardware • deployed by security-concious admins, not end-users as browsers are • easy to check • Why?

  3. Methodology • Generate list of https URLs • Search engine queries using words from /usr/dict/words (AltaVista ‘00, Google ‘01) • List of links to pages containing https URLs • Find https: URLs in pages • Sort for duplicates • Run sslstats on each https URL

  4. Methodology • sslstats • based on OpenSSL • grabs cert and parses for • Validity • key size/algorithm • Issuer and Subject name • SSLv2: connect and get list of ciphersuites

  5. Methodology • sslstats continued: • SSLv3: connect using each ciphersuite in turn • TLS: connect as SSLv3, add TLS ciphersuites • check for same cert as SSLv2 • Perl script reads sslstats output and generates stats

  6. Definitions • Servers categorized strong, meduim, weak • “weak” server defined as: • RSA key <= 512 bits • no SSLv3/TLS ciphersuites over >= 56 bits • expired certificate • self-signed certificate • only SSLv2

  7. Definitions • “medium”: • SSLv3/TLS • RSA key > 512 but <= 1000 bits • v3/TLS ciphersuites >= 56 bits but < 64 bits • “strong”: • SSLv3/TLS • RSA key > 1000 bits • v3/TLS ciphersuites >= 64 bits

  8. Results • 2000 survey: • 57% strong • 10% medium • 31% weak • 2001 survey: • 71% strong • 5% medium • 23% weak

  9. Results: Weak Server Types • Weak servers by type: 2000 2001 Microsoft-IIS 37% 35% Apache 17% 23% no name 15% 5% Netscape-Enterprise 13% 21% Stronghold 7% 4% WebSitePro 3% 1% “unknown” 2% 4%

  10. Results: Weak Server Details Percent of weak servers surveyed: 2000: 2001: Server key <= 512 bits: 81% 72% weak v3/TLS ciphersuites: 28% 26% expired cert: 10% 16% self-signed cert: 3% 8% only does SSLv2: 1% 6%

  11. Results: Server Details Percent of all servers surveyed: 2000: 2001: Server key <= 512 bits: 25% 17% weak SSLv3/TLS suites: 9% 6% expired cert: 3.1% 3.7% self-signed cert: .8% 2.0% only does SSLv2: .4% 1.4%

  12. RSA Server Key size Key bits 2000 2001 2048 .2% .2% 1024 70% 80% >= 1000 2% .7% >= 768 2% 1% >512 - 0% <= 512 25% 17%

  13. Protocol Support 2000 2001 Servers supporting: SSLv2 96% 93% SSLv3 99% 98% TLSv1 71% 76%

  14. SSLv2 Ciphersuite Support Ciphersuite: 2000 2001 RC4 Export 40 MD5 99% 98% RC2 Export 40 MD5 97% 96% RC4 128 MD5 86% 90% DES EDE3 MD5 85% 89% DES 64 MD5 85% 88% RC2 128 MD5 84% 88%

  15. SSLv3 Export Ciphersuites Ciphersuite: 2000 2001 RSA RC4 40 MD5 99% 79% RSA RC2 40 MD5 73% 87% RSA DES 40 SHA 56% 44% DHE RSA DES 40 SHA 24% 30%

  16. SSLv3 non-Export ciphersuites Ciphersuite: 2000 2001 RSA DES SHA 75% 76% RSA 3DES SHA 74% 61% RSA RC4 SHA 63% 64% DHE RSA DES SHA 24% 29% DHE RSA 3DES SHA 24% 30% RSA IDEA SHA 21% 26%

  17. TLSv1 Export Ciphersuites Ciphersuite: 2000 2001 RSA RC4 40 MD5 100% 100% RSA Exp1024 RC4 MD5 100% 100% RSA Exp1024 DES SHA 91% 85% RSA Exp1024 RC2 MD5 90% 84% RSA Exp1024 RC4 SHA 83% 83% RSA RC2 40 MD5 75% 76%

  18. TLSv1 non-export suites Ciphersuites: 2000 2001 RSA DES SHA 77% 78% RSA 3DES SHA 76% 78% RSA RC4 SHA 72% 75% DHE RSA DES SHA 25% 36% DHE DSS 3DES SHA 25% 36% RSA IDEA SHA 25% 32%

More Related