An Experimental Study of TLS Forward Secrecy Deployments

@article{Huang2014AnES,
  title={An Experimental Study of TLS Forward Secrecy Deployments},
  author={Lin-Shung Huang and Shrikant Adhikarla and Dan Boneh and Collin Jackson},
  journal={IEEE Internet Computing},
  year={2014},
  volume={18},
  pages={43-51}
}
Many Transport Layer Security (TLS) servers use the ephemeral Diffie-Hellman (DHE) key exchange to support forward secrecy. However, in a survey of 473,802 TLS servers, the authors found that 82.9 percent of the DHE-enabled servers use weak DH parameters, resulting in a false sense of security. They compared the server throughput of various TLS setups, and measured real-world client-side latencies using an advertisement network. Their results indicate that using forward secrecy is no harder…
Towards Forward Secure Internet Traffic
TLDR
This paper investigates FS in pre-TLS 1.3 protocols, which do not mandate FS but are still widely used today, and proposes a new client-side mechanism called "Best Effort Forward Secrecy" (BEFS) and an extension that aims to guide (force) misconfigured servers to FS using a best-effort approach.
Last-Mile TLS Interception: Analysis and Observation of the Non-Public HTTPS Ecosystem
TLDR
This study re-opens the neglected problem of privacy-invasive adware, by showing how adware evolves sometimes stronger than even advanced malware and poses significant detection and reverse-engineering challenges.
Turning Active TLS Scanning to Eleven
TLDR
This paper presents and implements different optimized strategies for TLS cipher suite scanning that, compared to the current best practice, perform up to 3.2 times faster and use 94% fewer connections while being able to do exhaustive scanning for many vulnerabilities at once.
Speaking in tongues practical evaluation of TLS cipher suites compatibility
TLDR
This work examines an existing white paper giving recommendations on how to securely configure SSL/TLS connections with regard to practical feasibility and proposes an additional configuration set with the aim of increasing compatibility as well as security.
Exploiting TLS Client Authentication for Widespread User Tracking
TLDR
Three novel active attacks against TLS Client Certificate Authentication that are successful despite the defenses are demonstrated, including in-path man-in-the-middle versions as well as a more powerful on-path attack that can be carried out without full network control.
No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large
TLDR
This work is the first to collect and analyze the complete state of today's e-mail-related TLS configuration, for the entire IPv4 address range, and draws a comprehensive picture of the current state of security mechanisms on the transport layer for e-mails by scanning cipher suite support which was previously considered impossible due to numerous constraints.
Towards Forward Secure Internet Traffic
Forward Secrecy (FS) is a security property in key-exchange algorithms which guarantees that a compromise in the secrecy of a long-term private key does not compromise the secrecy of past session…
TLS in the Wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication
TLDR
This is the largest study to date that investigates the security of the email and chat infrastructures, using active Internet-wide scans to determine the amount of secure service deployments, and passive monitoring to investigate if user agents actually use this opportunity to secure their communications.
CPTIAS: a new fast PKI authentication scheme based on certificate path trust index
TLDR
Analysis and experimental results show that users can give a trade-off between security and efficiency, and the scheme has a higher efficiency and no bottleneck when authenticating with the higher level CAs.
Neither Snow Nor Rain Nor MITM...: An Empirical Analysis of Email Delivery Security
TLDR
This work presents the first report on global adoption rates of SMTP security extensions, including: STARTTLS, SPF, DKIM, and DMARC, and presents evidence of such attacks in the wild, highlighting seven countries where more than 20% of inbound Gmail messages arrive in cleartext due to network attackers.

References

SHOWING 1-10 OF 56 REFERENCES
Lucky Thirteen: Breaking the TLS and DTLS Record Protocols
TLDR
This paper presents distinguishing and plaintext recovery attacks against TLS and DTLS, based on a delicate timing analysis of decryption processing in the two protocols.
Transport Layer Security
  • S. Turner
  • Computer Science
  • IEEE Internet Computing
  • 2014
TLDR
The author looks at the collection of standards that make up TLS, including its history, protocol, and future, for securing client-server communications over the Internet.
The Transport Layer Security (TLS) Protocol Version 1.2
TLDR
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements of the Transport Layer Security (TLS) protocol.
Fast Elliptic Curve Cryptography in OpenSSL
TLDR
This work presents a 64-bit optimized implementation of the NIST and SECG-standardized elliptic curve P-224, and shows how to do small table look-ups in a cache-timing resistant way, allowing us to use precomputation.
Cryptographic strength of ssl/tls servers: current and recent practices
TLDR
The cryptographic strength of public servers running SSL/TLS is characterized and encouraging behavior such as sensible default choices by servers when presented with multiple options, the quick adoption of AES, and the use of strong RSA key sizes of 1024 bits and above are observed.
Speeding up Secure Web Transactions Using Elliptic Curve Cryptography
TLDR
The results show that an Apache web server can handle 11%-31% more HTTPS requests per second when using ECC rather than RSA at short-term security levels, and at security levels necessary to protect data beyond 2010, the use of ECC over RSA improves server performance by 110%-279% under realistic workloads.
The SSL landscape: a thorough analysis of the x.509 PKI using active and passive measurements
TLDR
A comprehensive analysis of X.509 certificates in the wild reveals that the quality of certification lacks in stringency, due to a number of reasons among which incorrect certification chains or invalid certificate subjects give the most cause for concern.
Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)
This document describes new key exchange algorithms based on Elliptic Curve Cryptography (ECC) for the Transport Layer Security (TLS) protocol. In particular, it specifies the use of Elliptic Curve…
Transport layer security: how much does it really cost?
  • G. Apostolopoulos, V. Peris, D. Saha
  • Computer Science
  • IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320)
  • 1999
TLDR
This paper benchmarks two of the more popular Web servers that are in use today and finds that they are a couple of orders of magnitude slower when it comes to serving secure Web pages, and suggests two modifications to the SSL protocol that reduce the latency as well as increase the throughput at the server.
Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices
TLDR
The largest ever network survey of TLS and SSH servers is performed and evidence that vulnerable keys are surprisingly widespread is presented, including a boot-time entropy hole in the Linux random number generator.