[Ach] New study on Forward Secrecy

Hanno Böck hanno at hboeck.de
Wed Dec 31 00:37:13 CET 2014


On Tue, 30 Dec 2014 18:25:44 +0100
Aaron Zauner <azet at azet.org> wrote:

> Forward secrecy guarantees that eavesdroppers simply
> cannot reveal secret data of past communications. While
> many TLS servers have deployed the ephemeral Diffie-Hellman
> (DHE) key exchange to support forward secrecy, most sites use
> weak DH parameters resulting in a false sense of security. In
> our study, we surveyed a total of 473,802 TLS servers and
> found that 82.9% of the DHE-enabled servers were using weak
> DH parameters. Furthermore, given current parameter and

There should be something said about these numbers: They were from
January 2014. Apache only added support for > 1024 bit in November 2013.
I assume it's likely much higher now, although probably still in a bad

I was highly confused by the fact they claim that only 14 servers
supported 4096 bit DH. That'd mean that I would run a significant
portion of those.

Hanno Böck

mail/jabber: hanno at hboeck.de
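The study's measurement comes down to reading the DH modulus a server sends and checking its size. As an added example (not from the paper or from anyone on this thread), here is a parser for the ServerDHParams structure in a TLS 1.2 DHE ServerKeyExchange that reports the prime length and flags it as weak below an assumed 2048-bit threshold; the sample messages are constructed placeholders, not real primes or captured traffic.

```python
import struct

# Assumption: 1024-bit DH (the "weak" case in the thread) fails, 2048 and up pass.
WEAK_BELOW_BITS = 2048


def parse_server_dh_params(body: bytes) -> dict:
    """Parse ServerDHParams from a TLS 1.2 DHE ServerKeyExchange body:
         opaque dh_p<1..2^16-1>; opaque dh_g<1..2^16-1>; opaque dh_Ys<1..2^16-1>;
    The signature that follows these fields (and the record/handshake headers
    before them) is not handled here; only the parameter sizes matter."""
    off = 0
    fields = {}
    for name in ("p", "g", "Ys"):
        if off + 2 > len(body):
            raise ValueError(f"truncated before length of {name}")
        (length,) = struct.unpack_from("!H", body, off)
        off += 2
        if length == 0 or off + length > len(body):
            raise ValueError(f"bad length for {name}")
        fields[name] = body[off:off + length]
        off += length
    p = int.from_bytes(fields["p"], "big")
    fields["p_bits"] = p.bit_length()
    fields["weak"] = fields["p_bits"] < WEAK_BELOW_BITS
    return fields


def build_server_dh_params(p: bytes, g: bytes, ys: bytes) -> bytes:
    """Encode the three length-prefixed fields (used to build the constructed samples)."""
    return b"".join(struct.pack("!H", len(x)) + x for x in (p, g, ys))


def constructed_modulus(bits: int) -> bytes:
    # Constructed placeholder, NOT a prime: top and bottom bits set so the bit length is exact.
    return ((1 << (bits - 1)) | 1).to_bytes(bits // 8, "big")


# Constructed sample messages standing in for what a 1024-bit and a 2048-bit DHE server would send.
SAMPLE_1024 = build_server_dh_params(constructed_modulus(1024), b"\x02", constructed_modulus(1024))
SAMPLE_2048 = build_server_dh_params(constructed_modulus(2048), b"\x02", constructed_modulus(2048))

if __name__ == "__main__":
    for label, msg in (("1024-bit", SAMPLE_1024), ("2048-bit", SAMPLE_2048)):
        r = parse_server_dh_params(msg)
        print(f"{label}: p is {r['p_bits']} bits, weak={r['weak']}")
```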