Sciweavers

IMC
2007
ACM

Cryptographic strength of ssl/tls servers: current and recent practices

14 years 2 months ago
Cryptographic strength of ssl/tls servers: current and recent practices
The Secure Socket Layer (SSL) and its variant, Transport Layer Security (TLS), are used toward ensuring server security. In this paper, we characterize the cryptographic strength of public servers running SSL/TLS. We present a tool developed for this purpose, the Probing SSL Security Tool (PSST), and evaluate over 19,000 servers. We expose the great diversity in the levels of cryptographic strength that is supported on the Internet. Some of our discouraging results show that most sites still support the insecure SSL 2.0, weak export-level grades of encryption ciphers, or weak RSA key strengths. We also observe encouraging behavior such as sensible default choices by servers when presented with multiple options, the quick adoption of AES (more than half the servers support strong key AES as their default choice), and the use of strong RSA key sizes of 1024 bits and above. Comparing results of running our tool over the last two years points to a positive trend that is moving in the righ...
Homin K. Lee, Tal Malkin, Erich M. Nahum
Added 26 Oct 2010
Updated 26 Oct 2010
Type Conference
Year 2007
Where IMC
Authors Homin K. Lee, Tal Malkin, Erich M. Nahum
Comments (0)