A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf
.
An Experimental Study of TLS Forward Secrecy Deployments
2014
IEEE Internet Computing
Forward secrecy guarantees that eavesdroppers simply cannot reveal secret data of past communications. While many TLS servers have deployed the ephemeral Diffie-Hellman (DHE) key exchange to support forward secrecy, most sites use weak DH parameters resulting in a false sense of security. In our study, we surveyed a total of 473,802 TLS servers and found that 82.9% of the DHE-enabled servers were using weak DH parameters. Furthermore, given current parameter and algorithm choices, we show that
doi:10.1109/mic.2014.86
fatcat:umtqhugf6zc7bfnzuo6as6a4ii