An Experimental Study of TLS Forward Secrecy Deployments

  title={An Experimental Study of TLS Forward Secrecy Deployments},
  author={Lin-Shung Huang and Shrikant Adhikarla and D. Boneh and C. Jackson},
  journal={IEEE Internet Computing},
  • Lin-Shung Huang, Shrikant Adhikarla, +1 author C. Jackson
  • Published 2014
  • Computer Science
  • IEEE Internet Computing
  • Many Transport Layer Security (TLS) servers use the ephemeral Diffie-Hellman (DHE) key exchange to support forward secrecy. However, in a survey of 473,802 TLS servers, the authors found that 82.9 percent of the DHE-enabled servers use weak DH parameters, resulting in a false sense of security. They compared the server throughput of various TLS setups, and measured real-world client-side latencies using an advertisement network. Their results indicate that using forward secrecy is no harder… CONTINUE READING
    TLS in the Wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication
    • 61
    • Highly Influenced
    • PDF
    Towards Forward Secure Internet Traffic
    • 3
    • PDF
    Mission accomplished?: HTTPS security after diginotar
    • 56
    • PDF
    No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large
    • 14
    • PDF
    Exploiting TLS Client Authentication for Widespread User Tracking
    • 2
    • Highly Influenced
    • PDF
    Turning Active TLS Scanning to Eleven
    • 1
    • PDF
    Towards a Complete View of the Certificate Ecosystem
    • 50
    • Highly Influenced
    • PDF
    Killed by Proxy: Analyzing Client-end TLS Interce
    • 43
    • PDF
    A survey of methods for encrypted traffic classification and analysis
    • 107
    • PDF


    Publications referenced by this paper.
    The Transport Layer Security (TLS) Protocol Version 1.2
    • 1,415
    • PDF
    Transport Layer Security
    • 309
    Fast Elliptic Curve Cryptography in OpenSSL
    • 58
    • PDF
    The SSL landscape: a thorough analysis of the x.509 PKI using active and passive measurements
    • 177
    • PDF
    Cryptographic strength of ssl/tls servers: current and recent practices
    • 61
    • Highly Influential
    • PDF
    Speeding up Secure Web Transactions Using Elliptic Curve Cryptography
    • 59
    • PDF
    Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices
    • 347
    • PDF
    Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)
    • 171
    • PDF
    Transport layer security: how much does it really cost?
    • 155
    • PDF