An Experimental Study of TLS Forward Secrecy Deployments

Provided by: Stanford University
Topic: Security
Format: PDF
Forward secrecy guarantees that eavesdroppers simply cannot reveal secret data of past communications. While many TLS servers have deployed the ephemeral Diffie-Hellman (DH) key exchange to support forward secrecy, most sites use weak DH parameters resulting in a false sense of security. In this paper, the authors surveyed a total of 473,802 TLS servers and found that 82.9% of the DHE-enabled servers were using weak DH parameters. Furthermore, given current parameter and algorithm choices, they show that the traditional performance argument against forward secrecy is no longer true.

Find By Topic