Not much has changed since October, mostly a continuation of established
trends. Curiously, the percentage of servers supporting just AES ciphers
suddenly jumped by just over 3%.
More detailed analysis on my blog:
https://securitypitfalls.wordpress.com/2015/12/07/november-2015-scan-resu...
SSL/TLS survey of 530912 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that also have a valid certificate
installed)
Supported Ciphers         |   Count | Percent
--------------------------+---------+--------
3DES                      |  457179 | 86.112
3DES Only                 |     577 | 0.1087
AES                       |  523844 | 98.6687
AES Only                  |   40463 | 7.6214
AES-CBC                   |  523220 | 98.5512
AES-CBC Only              |   10280 | 1.9363
AES-GCM                   |  398334 | 75.0283
AES-GCM Only              |     481 | 0.0906
CAMELLIA                  |  217685 | 41.0021
CAMELLIA Only             |       1 | 0.0002
CHACHA20                  |   67665 | 12.7451
CHACHA20 Only             |       2 | 0.0004
Insecure                  |   60479 | 11.3915
RC4                       |  191727 | 36.1128
RC4 Only                  |     977 | 0.184
RC4 Preferred             |   21462 | 4.0425
RC4 forced in TLS1.1+     |   11194 | 2.1084
x:FF 29 RC4 Only          |    1213 | 0.2285
x:FF 29 RC4 Preferred     |   23754 | 4.4742
x:FF 29 incompatible      |     400 | 0.0753
x:FF 35 RC4 Only          |    1476 | 0.278
x:FF 35 RC4 Preferred     |   23839 | 4.4902
x:FF 35 incompatible      |     402 | 0.0757
y:DHE-RSA-SEED-SHA        |   65003 | 12.2436
y:IDEA-CBC-SHA            |   59414 | 11.1909
y:SEED-SHA                |   76068 | 14.3278
z:ADH-AES128-GCM-SHA256   |     396 | 0.0746
z:ADH-AES128-SHA          |     744 | 0.1401
z:ADH-AES128-SHA256       |     292 | 0.055
z:ADH-AES256-GCM-SHA384   |     408 | 0.0768
z:ADH-AES256-SHA          |     756 | 0.1424
z:ADH-AES256-SHA256       |     293 | 0.0552
z:ADH-CAMELLIA128-SHA     |     374 | 0.0704
z:ADH-CAMELLIA256-SHA     |     382 | 0.072
z:ADH-DES-CBC-SHA         |     303 | 0.0571
z:ADH-DES-CBC3-SHA        |     756 | 0.1424
z:ADH-RC4-MD5             |     616 | 0.116
z:ADH-SEED-SHA            |     305 | 0.0574
z:AECDH-AES128-SHA        |   10719 | 2.019
z:AECDH-AES256-SHA        |   10755 | 2.0258
z:AECDH-DES-CBC3-SHA      |   10685 | 2.0126
z:AECDH-NULL-SHA          |      63 | 0.0119
z:AECDH-RC4-SHA           |   10125 | 1.9071
z:DES-CBC-MD5             |   11270 | 2.1228
z:DES-CBC-SHA             |   36559 | 6.8861
z:DES-CBC3-MD5            |   23236 | 4.3766
z:ECDHE-RSA-NULL-SHA      |      68 | 0.0128
z:EDH-RSA-DES-CBC-SHA     |   31274 | 5.8906
z:EXP-ADH-DES-CBC-SHA     |     203 | 0.0382
z:EXP-ADH-RC4-MD5         |     199 | 0.0375
z:EXP-DES-CBC-SHA         |   14643 | 2.7581
z:EXP-EDH-RSA-DES-CBC-SHA |   11812 | 2.2249
z:EXP-RC2-CBC-MD5         |   17779 | 3.3488
z:EXP-RC4-MD5             |   18577 | 3.4991
z:EXP1024-DES-CBC-SHA     |    4531 | 0.8534
z:EXP1024-RC4-SHA         |    4613 | 0.8689
z:IDEA-CBC-MD5            |    2255 | 0.4247
z:NULL-MD5                |     237 | 0.0446
z:NULL-SHA                |     236 | 0.0445
z:NULL-SHA256             |      32 | 0.006
z:RC2-CBC-MD5             |   11512 | 2.1683
z:RC4-64-MD5              |     922 | 0.1737
Cipher ordering           |   Count | Percent
--------------------------+---------+--------
Client side               |  134022 | 25.2437
Server side               |  396890 | 74.7563
Supported Handshakes      |   Count | Percent
--------------------------+---------+--------
ADH                       |     896 | 0.1688
AECDH                     |   10782 | 2.0308
DHE                       |  289298 | 54.4908
ECDH                      |       3 | 0.0006
ECDHE                     |  425231 | 80.0944
ECDHE and DHE             |  223210 | 42.0427
RSA                       |  458647 | 86.3885
Supported PFS             |   Count | Percent | PFS Percent
--------------------------+---------+---------+------------
DH,1024bits               |  159457 | 30.0345 | 55.1186
DH,1536bits               |       1 | 0.0002  | 0.0003
DH,2048bits               |  121879 | 22.9565 | 42.1292
DH,2236bits               |      14 | 0.0026  | 0.0048
DH,3072bits               |     108 | 0.0203  | 0.0373
DH,3092bits               |       1 | 0.0002  | 0.0003
DH,4096bits               |    7458 | 1.4048  | 2.578
DH,512bits                |      40 | 0.0075  | 0.0138
DH,6144bits               |       1 | 0.0002  | 0.0003
DH,768bits                |     439 | 0.0827  | 0.1517
DH,8192bits               |       2 | 0.0004  | 0.0007
ECDH,B-571,570bits        |    1680 | 0.3164  | 0.3951
ECDH,K-571,570bits        |       1 | 0.0002  | 0.0002
ECDH,P-192,192bits        |      11 | 0.0021  | 0.0026
ECDH,P-224,224bits        |      81 | 0.0153  | 0.019
ECDH,P-256,256bits        |  411892 | 77.582  | 96.8631
ECDH,P-384,384bits        |    3589 | 0.676   | 0.844
ECDH,P-521,521bits        |    9333 | 1.7579  | 2.1948
Prefer DH,1024bits        |   58262 | 10.9739 | 20.1391
Prefer DH,1536bits        |       1 | 0.0002  | 0.0003
Prefer DH,2048bits        |   10378 | 1.9547  | 3.5873
Prefer DH,2236bits        |       1 | 0.0002  | 0.0003
Prefer DH,3072bits        |      13 | 0.0024  | 0.0045
Prefer DH,4096bits        |     392 | 0.0738  | 0.1355
Prefer DH,768bits         |      66 | 0.0124  | 0.0228
Prefer ECDH,B-571,570bits |    1478 | 0.2784  | 0.3476
Prefer ECDH,K-571,570bits |       1 | 0.0002  | 0.0002
Prefer ECDH,P-224,224bits |      78 | 0.0147  | 0.0183
Prefer ECDH,P-256,256bits |  370937 | 69.8679 | 87.2319
Prefer ECDH,P-384,384bits |    3291 | 0.6199  | 0.7739
Prefer ECDH,P-521,521bits |    8426 | 1.5871  | 1.9815
Prefer PFS                |  453324 | 85.3859 | 0
Support PFS               |  491319 | 92.5425 | 0
Supported ECC curves      |   Count | Percent
--------------------------+---------+--------
brainpoolP256r1           |    2073 | 0.3905
brainpoolP384r1           |    2074 | 0.3906
brainpoolP512r1           |    2074 | 0.3906
prime192v1                |    1449 | 0.2729
prime256v1                |  422425 | 79.5659
prime256v1 Only           |  368568 | 69.4217
secp160k1                 |    1406 | 0.2648
secp160r1                 |    1411 | 0.2658
secp160r2                 |    1406 | 0.2648
secp192k1                 |    1423 | 0.268
secp224k1                 |    1491 | 0.2808
secp224r1                 |    4011 | 0.7555
secp256k1                 |    3482 | 0.6559
secp384r1                 |   54256 | 10.2194
secp384r1 Only            |     444 | 0.0836
secp521r1                 |   23612 | 4.4474
secp521r1 Only            |     128 | 0.0241
sect163k1                 |    1415 | 0.2665
sect163k1 Only            |       2 | 0.0004
sect163r1                 |    1413 | 0.2661
sect163r2                 |    1409 | 0.2654
sect193r1                 |    1409 | 0.2654
sect193r2                 |    1407 | 0.265
sect233k1                 |    1486 | 0.2799
sect233r1                 |    1486 | 0.2799
sect239k1                 |    1486 | 0.2799
sect283k1                 |    3447 | 0.6493
sect283k1 Only            |       2 | 0.0004
sect283r1                 |    3442 | 0.6483
sect409k1                 |    3444 | 0.6487
sect409r1                 |    3443 | 0.6485
sect571k1                 |    3454 | 0.6506
sect571r1                 |    3454 | 0.6506
Unsupported curve fallback     |   Count | Percent
-------------------------------+---------+--------
False                          |   69315 | 13.0558
True                           |  299493 | 56.411
order-specific                 |      82 | 0.0154
unknown                        |  162022 | 30.5177
ECC curve ordering        |   Count | Percent
--------------------------+---------+--------
client                    |    5116 | 0.9636
inconclusive-noecc        |       8 | 0.0015
server                    |  417915 | 78.7164
unknown                   |  107873 | 20.3184
TLSv1.2 PFS supported sigalgs  |   Count | Percent
-------------------------------+---------+--------
ECDSA-SHA1                     |   39752 | 7.4875
ECDSA-SHA1 Only                |       2 | 0.0004
ECDSA-SHA224                   |   39755 | 7.4881
ECDSA-SHA256                   |   53701 | 10.1149
ECDSA-SHA384                   |   53712 | 10.1169
ECDSA-SHA512                   |   53734 | 10.1211
ECDSA-SHA512 Only              |      22 | 0.0041
RSA-MD5                        |  164964 | 31.0718
RSA-SHA1                       |  368019 | 69.3183
RSA-SHA1 Only                  |   42674 | 8.0379
RSA-SHA224                     |  303273 | 57.123
RSA-SHA256                     |  332849 | 62.6938
RSA-SHA256 Only                |    6204 | 1.1686
RSA-SHA384                     |  304966 | 57.4419
RSA-SHA384 Only                |       1 | 0.0002
RSA-SHA512                     |  305210 | 57.4879
RSA-SHA512 Only                |     277 | 0.0522
TLSv1.2 PFS ordering           |   Count | Percent
-------------------------------+---------+--------
client                         |  233407 | 43.9634
indeterminate                  |      45 | 0.0085
intolerant                     |    4576 | 0.8619
order-fallback                 |       8 | 0.0015
server                         |  177923 | 33.5127
unsupported                    |   21601 | 4.0687
TLSv1.2 PFS sigalg fallback    |   Count | Percent
-------------------------------+---------+--------
ECDSA SHA1                     |   39724 | 7.4822
ECDSA intolerant               |     116 | 0.0218
ECDSA pfs-rsa-SHA512           |   13917 | 2.6213
ECDSA soft-nopfs               |       3 | 0.0006
RSA False                      |  163706 | 30.8349
RSA SHA1                       |  176523 | 33.249
RSA intolerant                 |   35829 | 6.7486
RSA pfs-ecdsa-SHA512           |      27 | 0.0051
RSA soft-nopfs                 |    1308 | 0.2464
Renegotiation             |   Count | Percent
--------------------------+---------+--------
False                     |    6621 | 1.2471
insecure                  |   18673 | 3.5172
secure                    |  505618 | 95.2357
Compression               |   Count | Percent
--------------------------+---------+--------
1 (zlib compression)      |    9772 | 1.8406
False                     |    6621 | 1.2471
NONE                      |  514519 | 96.9123
TLS session ticket hint   |   Count | Percent
--------------------------+---------+--------
1                         |       4 | 0.0008
1 only                    |       4 | 0.0008
2                         |       2 | 0.0004
2 only                    |       2 | 0.0004
10                        |      11 | 0.0021
10 only                   |      11 | 0.0021
15                        |      10 | 0.0019
15 only                   |      10 | 0.0019
30                        |      10 | 0.0019
30 only                   |       9 | 0.0017
60                        |      97 | 0.0183
60 only                   |      90 | 0.017
65                        |       2 | 0.0004
65 only                   |       2 | 0.0004
70                        |       6 | 0.0011
100                       |      15 | 0.0028
100 only                  |      15 | 0.0028
120                       |      27 | 0.0051
120 only                  |      27 | 0.0051
128                       |       2 | 0.0004
128 only                  |       2 | 0.0004
150                       |       2 | 0.0004
180                       |      41 | 0.0077
180 only                  |      38 | 0.0072
240                       |       5 | 0.0009
240 only                  |       5 | 0.0009
300                       |  244735 | 46.0971
300 only                  |  240267 | 45.2555
302                       |       3 | 0.0006
302 only                  |       3 | 0.0006
360                       |       2 | 0.0004
360 only                  |       1 | 0.0002
400                       |       8 | 0.0015
400 only                  |       8 | 0.0015
420                       |     124 | 0.0234
420 only                  |      97 | 0.0183
450                       |       1 | 0.0002
450 only                  |       1 | 0.0002
480                       |      13 | 0.0024
480 only                  |      13 | 0.0024
500                       |       3 | 0.0006
500 only                  |       3 | 0.0006
540                       |       1 | 0.0002
540 only                  |       1 | 0.0002
600                       |   26475 | 4.9867
600 only                  |   26305 | 4.9547
700                       |       1 | 0.0002
700 only                  |       1 | 0.0002
720                       |       1 | 0.0002
720 only                  |       1 | 0.0002
840                       |       1 | 0.0002
840 only                  |       1 | 0.0002
900                       |     878 | 0.1654
900 only                  |     861 | 0.1622
960                       |       2 | 0.0004
960 only                  |       2 | 0.0004
1200                      |    2334 | 0.4396
1200 only                 |    2330 | 0.4389
1320                      |       1 | 0.0002
1320 only                 |       1 | 0.0002
1500                      |       9 | 0.0017
1500 only                 |       8 | 0.0015
1800                      |     499 | 0.094
1800 only                 |     490 | 0.0923
1980                      |       1 | 0.0002
1980 only                 |       1 | 0.0002
2100                      |       1 | 0.0002
2100 only                 |       1 | 0.0002
2400                      |       8 | 0.0015
2400 only                 |       8 | 0.0015
2700                      |      10 | 0.0019
2700 only                 |      10 | 0.0019
3000                      |      26 | 0.0049
3000 only                 |      26 | 0.0049
3600                      |     573 | 0.1079
3600 only                 |     560 | 0.1055
3900                      |       3 | 0.0006
3900 only                 |       3 | 0.0006
4200                      |       1 | 0.0002
5160                      |       1 | 0.0002
5160 only                 |       1 | 0.0002
5400                      |      13 | 0.0024
5400 only                 |       6 | 0.0011
6000                      |     179 | 0.0337
6000 only                 |     179 | 0.0337
7200                      |   15645 | 2.9468
7200 only                 |   15623 | 2.9427
10800                     |    3114 | 0.5865
10800 only                |    3110 | 0.5858
14400                     |      99 | 0.0186
14400 only                |      99 | 0.0186
18000                     |       8 | 0.0015
18000 only                |       8 | 0.0015
21600                     |    4849 | 0.9133
21600 only                |    4637 | 0.8734
25200                     |       1 | 0.0002
25200 only                |       1 | 0.0002
28800                     |    3555 | 0.6696
28800 only                |    3543 | 0.6673
36000                     |    1157 | 0.2179
36000 only                |    1150 | 0.2166
43200                     |      40 | 0.0075
43200 only                |      40 | 0.0075
60000                     |       1 | 0.0002
60000 only                |       1 | 0.0002
64800                     |   51789 | 9.7547
64800 only                |   51762 | 9.7496
72000                     |      29 | 0.0055
72000 only                |      29 | 0.0055
84600                     |       1 | 0.0002
84600 only                |       1 | 0.0002
86000                     |      39 | 0.0073
86000 only                |      39 | 0.0073
86400                     |    3482 | 0.6559
86400 only                |    3471 | 0.6538
100800                    |   10699 | 2.0152
100800 only               |   10688 | 2.0131
129600                    |      10 | 0.0019
129600 only               |      10 | 0.0019
172800                    |       9 | 0.0017
172800 only               |       9 | 0.0017
216000                    |       2 | 0.0004
216000 only               |       2 | 0.0004
432000                    |       2 | 0.0004
432000 only               |       2 | 0.0004
604800                    |       5 | 0.0009
604800 only               |       3 | 0.0006
864000                    |       3 | 0.0006
864000 only               |       3 | 0.0006
None                      |  165273 | 31.13
None only                 |  160236 | 30.1813
Certificate sig alg       |   Count | Percent
--------------------------+---------+--------
None                      |   11419 | 2.1508
ecdsa-with-SHA256         |   53709 | 10.1164
sha1WithRSAEncryption     |   79229 | 14.9232
sha256WithRSAEncryption   |  413158 | 77.8204
sha384WithRSAEncryption   |       6 | 0.0011
sha512WithRSAEncryption   |      33 | 0.0062
Certificate key size      |   Count | Percent
--------------------------+---------+--------
ECDSA 256                 |   53748 | 10.1237
ECDSA 384                 |      12 | 0.0023
ECDSA 521                 |       1 | 0.0002
RSA 1024                  |      38 | 0.0072
RSA 10240                 |       8 | 0.0015
RSA 2048                  |  470388 | 88.6
RSA 2049                  |       4 | 0.0008
RSA 2056                  |       1 | 0.0002
RSA 2058                  |       2 | 0.0004
RSA 2064                  |       1 | 0.0002
RSA 2084                  |       3 | 0.0006
RSA 2096                  |       1 | 0.0002
RSA 2408                  |       2 | 0.0004
RSA 2432                  |       2 | 0.0004
RSA 2480                  |       1 | 0.0002
RSA 3071                  |       1 | 0.0002
RSA 3072                  |     144 | 0.0271
RSA 3096                  |       2 | 0.0004
RSA 3120                  |       2 | 0.0004
RSA 3248                  |       2 | 0.0004
RSA 4042                  |       1 | 0.0002
RSA 4048                  |       1 | 0.0002
RSA 4056                  |      22 | 0.0041
RSA 4069                  |       1 | 0.0002
RSA 4086                  |       1 | 0.0002
RSA 4092                  |       6 | 0.0011
RSA 4094                  |       1 | 0.0002
RSA 4096                  |   20509 | 3.863
RSA 4098                  |       1 | 0.0002
RSA 4196                  |       1 | 0.0002
RSA 8192                  |       3 | 0.0006
RSA/ECDSA Dual Stack      |   13986 | 2.6343
OCSP stapling             |   Count | Percent
--------------------------+---------+--------
Supported                 |  115313 | 21.7198
Unsupported               |  415599 | 78.2802
Supported Protocols       |   Count | Percent
--------------------------+---------+--------
SSL2                      |   23492 | 4.4248
SSL2 Only                 |      19 | 0.0036
SSL3                      |  121502 | 22.8855
SSL3 Only                 |     470 | 0.0885
SSL3 or TLS1 Only         |   68017 | 12.8114
SSL3 or lower Only        |     487 | 0.0917
TLS1                      |  525297 | 98.9424
TLS1 Only                 |   40462 | 7.6212
TLS1 or lower Only        |   89960 | 16.9444
TLS1.1                    |  427273 | 80.4791
TLS1.1 Only               |     312 | 0.0588
TLS1.1 or up Only         |    4757 | 0.896
TLS1.2                    |  437543 | 82.4135
TLS1.2 Only               |    2067 | 0.3893
TLS1.2, 1.0 but not 1.1   |   11005 | 2.0728
Statistics from 566530 chains provided by 702674 hosts
Server provided chains    |   Count | Percent
--------------------------+---------+--------
complete                  |  500948 | 71.2917
incomplete                |   27324 | 3.8886
untrusted                 |  174402 | 24.8198
Trusted chain statistics
========================
Chain length              |   Count | Percent
--------------------------+---------+--------
2                         |      40 | 0.0071
3                         |  564250 | 99.5975
4                         |    2220 | 0.3919
5                         |      20 | 0.0035
CA key size in chains     |   Count
--------------------------+---------
ECDSA 256                 |   53700
ECDSA 384                 |   53703
RSA 1024                  |      38
RSA 2045                  |       3
RSA 2048                  |  886848
RSA 4096                  |  140988
Chains with CA key        |   Count | Percent
--------------------------+---------+--------
ECDSA 256                 |   53700 | 9.4788
ECDSA 384                 |   53703 | 9.4793
RSA 1024                  |      36 | 0.0064
RSA 2045                  |       3 | 0.0005
RSA 2048                  |  512489 | 90.4611
RSA 4096                  |  140488 | 24.798
Signature algorithm (ex. root) |   Count
-------------------------------+---------
ecdsa-with-SHA384              |   53695
sha1WithRSAEncryption          |   87476
sha256WithRSAEncryption        |  301918
sha384WithRSAEncryption        |  125587
sha512WithRSAEncryption        |      74
Eff. host cert chain LoS  |   Count | Percent
--------------------------+---------+--------
80                        |   87515 | 15.4475
112                       |  425304 | 75.0718
128                       |   53711 | 9.4807
Root CAs                                      |   Count | Percent
----------------------------------------------+---------+--------
(d6325660) COMODO RSA Certification Authority |  116038 | 20.4822
(2c543cd1) GeoTrust Global CA                 |  109648 | 19.3543
(eed8c118) COMODO ECC Certification Authority |   53687 | 9.4765
(cbf06781) Go Daddy Root Certificate Authorit |   48182 | 8.5048
(5ad8a5d6) GlobalSign Root CA                 |   44132 | 7.7899
(b204d74a) VeriSign Class 3 Public Primary Ce |   32386 | 5.7166
(244b5494) DigiCert High Assurance EV Root CA |   26649 | 4.7039
(2e4eed3c) thawte Primary Root CA             |   22839 | 4.0314
(157753a5) AddTrust External CA Root          |   21671 | 3.8252
(653b494a) Baltimore CyberTrust Root          |   12055 | 2.1279
(fc5a8f99) USERTrust RSA Certification Author |    9450 | 1.668
(ae8153b9) StartCom Certification Authority   |    9327 | 1.6463
(4bfab552) Starfield Root Certificate Authori |    9162 | 1.6172
(3513523f) DigiCert Global Root CA            |    8636 | 1.5244
Scan performed between the 22nd of November and the 3rd of December 2015
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web:
www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic