Just a continuation of established trends: most website administrators
vulnerable to Logjam haven't taken any action to fix it on their side.
As always, detailed analysis on my blog:
https://securitypitfalls.wordpress.com/2015/07/14/june-2015-scan-results/

SSL/TLS survey of 496355 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)

Supported Ciphers Count Percent
-------------------------+---------+-------
3DES 414245 83.4574
3DES Only 840 0.1692
AES 485964 97.9065
AES Only 17816 3.5894
AES-CBC 485837 97.881
AES-CBC Only 9490 1.9119
AES-GCM 331682 66.8235
AES-GCM Only 32 0.0064
CAMELLIA 216922 43.703
CAMELLIA Only 4 0.0008
CHACHA20 58723 11.8308
CHACHA20 Only 22 0.0044
Insecure 75670 15.2451
RC4 263495 53.086
RC4 Only 1710 0.3445
RC4 Preferred 33485 6.7462
RC4 forced in TLS1.1+ 18129 3.6524
x:FF 29 RC4 Only 2047 0.4124
x:FF 29 RC4 Preferred 37569 7.569
x:FF 29 incompatible 124 0.025
x:FF 35 RC4 Only 2377 0.4789
x:FF 35 RC4 Preferred 37715 7.5984
x:FF 35 incompatible 128 0.0258
y:DHE-RSA-SEED-SHA 101229 20.3945
y:IDEA-CBC-SHA 85830 17.2921
y:SEED-SHA 103066 20.7646
z:ADH-AES128-GCM-SHA256 311 0.0627
z:ADH-AES128-SHA 1107 0.223
z:ADH-AES128-SHA256 213 0.0429
z:ADH-AES256-GCM-SHA384 318 0.0641
z:ADH-AES256-SHA 1115 0.2246
z:ADH-AES256-SHA256 215 0.0433
z:ADH-CAMELLIA128-SHA 669 0.1348
z:ADH-CAMELLIA256-SHA 677 0.1364
z:ADH-DES-CBC-SHA 349 0.0703
z:ADH-DES-CBC3-SHA 1128 0.2273
z:ADH-RC4-MD5 1007 0.2029
z:ADH-SEED-SHA 605 0.1219
z:AECDH-AES128-SHA 17615 3.5489
z:AECDH-AES256-SHA 17629 3.5517
z:AECDH-DES-CBC3-SHA 17568 3.5394
z:AECDH-NULL-SHA 41 0.0083
z:AECDH-RC4-SHA 16900 3.4048
z:DES-CBC-MD5 14286 2.8782
z:DES-CBC-SHA 40810 8.2219
z:DES-CBC3-MD5 28088 5.6589
z:ECDHE-RSA-NULL-SHA 53 0.0107
z:EDH-RSA-DES-CBC-SHA 34934 7.0381
z:EXP-ADH-DES-CBC-SHA 252 0.0508
z:EXP-ADH-RC4-MD5 252 0.0508
z:EXP-DES-CBC-SHA 19650 3.9589
z:EXP-EDH-RSA-DES-CBC-SHA 16259 3.2757
z:EXP-RC2-CBC-MD5 23866 4.8083
z:EXP-RC4-MD5 25158 5.0685
z:EXP1024-DES-CBC-SHA 6288 1.2668
z:EXP1024-RC4-SHA 6374 1.2842
z:IDEA-CBC-MD5 2558 0.5154
z:NULL-MD5 259 0.0522
z:NULL-SHA 261 0.0526
z:NULL-SHA256 20 0.004
z:RC2-CBC-MD5 14614 2.9443
z:RC4-64-MD5 1161 0.2339

Cipher ordering Count Percent
-------------------------+---------+-------
Client side 132994 26.7941
Server side 363361 73.2059

Supported Handshakes Count Percent
-------------------------+---------+-------
ADH 1238 0.2494
AECDH 17668 3.5595
DHE 280798 56.572
ECDH 1 0.0002
ECDHE 358229 72.1719
ECDHE and DHE 196228 39.5338
RSA 455866 91.8427

Supported PFS Count Percent PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits 210208 42.3503 74.8609
DH,1536bits 2 0.0004 0.0007
DH,2048bits 62891 12.6706 22.3972
DH,2236bits 3 0.0006 0.0011
DH,3072bits 2689 0.5417 0.9576
DH,4096bits 4249 0.856 1.5132
DH,512bits 73 0.0147 0.026
DH,6144bits 1 0.0002 0.0004
DH,768bits 729 0.1469 0.2596
ECDH,B-163,163bits 1 0.0002 0.0003
ECDH,B-571,570bits 1330 0.268 0.3713
ECDH,K-571,570bits 1 0.0002 0.0003
ECDH,P-192,192bits 2 0.0004 0.0006
ECDH,P-224,224bits 67 0.0135 0.0187
ECDH,P-256,256bits 349478 70.4089 97.5571
ECDH,P-384,384bits 3644 0.7342 1.0172
ECDH,P-521,521bits 6198 1.2487 1.7302
Prefer DH,1024bits 81235 16.3663 28.93
Prefer DH,1536bits 1 0.0002 0.0004
Prefer DH,2048bits 3908 0.7873 1.3917
Prefer DH,2236bits 1 0.0002 0.0004
Prefer DH,3072bits 27 0.0054 0.0096
Prefer DH,4096bits 120 0.0242 0.0427
Prefer DH,512bits 2 0.0004 0.0007
Prefer DH,768bits 347 0.0699 0.1236
Prefer ECDH,B-163,163bits 1 0.0002 0.0003
Prefer ECDH,B-571,570bits 1124 0.2265 0.3138
Prefer ECDH,K-571,570bits 1 0.0002 0.0003
Prefer ECDH,P-224,224bits 40 0.0081 0.0112
Prefer ECDH,P-256,256bits 293410 59.1129 81.9057
Prefer ECDH,P-384,384bits 2068 0.4166 0.5773
Prefer ECDH,P-521,521bits 5823 1.1732 1.6255
Prefer PFS 388108 78.1916 0
Support PFS 442799 89.2101 0

Supported ECC curves Count Percent
-------------------------+---------+--------
brainpoolP256r1 364 0.0733
brainpoolP384r1 364 0.0733
brainpoolP512r1 364 0.0733
prime192v1 1331 0.2682
prime256v1 357188 71.9622
prime256v1 Only 311537 62.765
secp160k1 1298 0.2615
secp160r1 1303 0.2625
secp160r2 1298 0.2615
secp192k1 1315 0.2649
secp224k1 1370 0.276
secp224r1 2711 0.5462
secp224r1 Only 2 0.0004
secp256k1 1587 0.3197
secp384r1 45900 9.2474
secp384r1 Only 249 0.0502
secp521r1 13918 2.804
secp521r1 Only 115 0.0232
sect163k1 1300 0.2619
sect163k1 Only 3 0.0006
sect163r1 1297 0.2613
sect163r2 1298 0.2615
sect163r2 Only 1 0.0002
sect193r1 1297 0.2613
sect193r2 1297 0.2613
sect233k1 1362 0.2744
sect233r1 1361 0.2742
sect239k1 1360 0.274
sect283k1 1566 0.3155
sect283r1 1566 0.3155
sect409k1 1566 0.3155
sect409r1 1565 0.3153
sect571k1 1575 0.3173
sect571r1 1574 0.3171

Unsupported curve fallback Count Percent
------------------------------+---------+--------
False 80483 16.2148
True 231859 46.7123
order-specific 16 0.0032
unknown 183997 37.0696

ECC curve ordering Count Percent
-------------------------+---------+--------
client 2665 0.5369
inconclusive-noecc 16 0.0032
server 354894 71.5
unknown 138780 27.9598

TLSv1.2 PFS supported sigalgs Count Percent
------------------------------+---------+--------
ECDSA-SHA1 31932 6.4333
ECDSA-SHA1 Only 1 0.0002
ECDSA-SHA224 31953 6.4375
ECDSA-SHA256 31989 6.4448
ECDSA-SHA384 32035 6.4541
ECDSA-SHA512 32097 6.4665
ECDSA-SHA512 Only 62 0.0125
RSA-MD5 151912 30.6055
RSA-SHA1 316124 63.6891
RSA-SHA1 Only 44717 9.0091
RSA-SHA224 256857 51.7486
RSA-SHA256 276593 55.7248
RSA-SHA256 Only 4237 0.8536
RSA-SHA384 257841 51.9469
RSA-SHA512 258008 51.9805
RSA-SHA512 Only 160 0.0322

TLSv1.2 PFS ordering Count Percent
------------------------------+---------+--------
client 237214 47.7912
indeterminate 8 0.0016
intolerant 3109 0.6264
order-fallback 18 0.0036
server 113482 22.8631
unsupported 28681 5.7783

TLSv1.2 PFS sigalg fallback Count Percent
------------------------------+---------+--------
ECDSA SHA1 31910 6.4289
ECDSA intolerant 295 0.0594
ECDSA soft-nopfs 1 0.0002
RSA False 147535 29.7237
RSA SHA1 141919 28.5922
RSA intolerant 28072 5.6556
RSA soft-nopfs 4494 0.9054

Renegotiation Count Percent
-------------------------+---------+--------
False 7988 1.6093
insecure 22086 4.4496
secure 466281 93.941

Compression Count Percent
-------------------------+---------+--------
1 (zlib compression) 12174 2.4527
False 7988 1.6093
NONE 476193 95.938

TLS session ticket hint Count Percent
-------------------------+---------+--------
1 3 0.0006
1 only 3 0.0006
2 2 0.0004
2 only 2 0.0004
5 2 0.0004
5 only 2 0.0004
10 7 0.0014
10 only 7 0.0014
15 10 0.002
15 only 10 0.002
30 11 0.0022
30 only 11 0.0022
60 95 0.0191
60 only 90 0.0181
70 6 0.0012
100 15 0.003
100 only 15 0.003
120 31 0.0062
120 only 31 0.0062
128 2 0.0004
128 only 2 0.0004
150 2 0.0004
180 52 0.0105
180 only 50 0.0101
240 9 0.0018
240 only 9 0.0018
300 215043 43.3244
300 only 209657 42.2393
400 7 0.0014
400 only 7 0.0014
420 112 0.0226
420 only 68 0.0137
480 12 0.0024
480 only 12 0.0024
500 3 0.0006
500 only 3 0.0006
540 1 0.0002
540 only 1 0.0002
600 21511 4.3338
600 only 21353 4.302
720 2 0.0004
720 only 1 0.0002
900 604 0.1217
900 only 585 0.1179
960 2 0.0004
960 only 2 0.0004
1200 1894 0.3816
1200 only 1888 0.3804
1440 1 0.0002
1440 only 1 0.0002
1500 11 0.0022
1500 only 10 0.002
1800 411 0.0828
1800 only 405 0.0816
2400 6 0.0012
2400 only 6 0.0012
2700 8 0.0016
2700 only 8 0.0016
3000 14 0.0028
3000 only 13 0.0026
3300 1 0.0002
3300 only 1 0.0002
3600 424 0.0854
3600 only 409 0.0824
3900 2 0.0004
3900 only 2 0.0004
4200 1 0.0002
5400 15 0.003
5400 only 3 0.0006
6000 4 0.0008
6000 only 4 0.0008
7200 15262 3.0748
7200 only 10520 2.1195
10800 1975 0.3979
10800 only 1968 0.3965
14400 74 0.0149
14400 only 73 0.0147
18000 11 0.0022
18000 only 11 0.0022
21600 4863 0.9797
21600 only 4863 0.9797
28800 2439 0.4914
28800 only 2009 0.4048
36000 1142 0.2301
36000 only 1136 0.2289
43200 28 0.0056
43200 only 26 0.0052
60000 1 0.0002
60000 only 1 0.0002
64800 45917 9.2508
64800 only 45644 9.1958
72000 10 0.002
72000 only 10 0.002
86000 43 0.0087
86000 only 43 0.0087
86400 3392 0.6834
86400 only 3391 0.6832
100800 12408 2.4998
100800 only 12385 2.4952
129600 7 0.0014
129600 only 7 0.0014
172800 5 0.001
172800 only 5 0.001
216000 1 0.0002
216000 only 1 0.0002
432000 1 0.0002
432000 only 1 0.0002
604800 2 0.0004
604800 only 2 0.0004
864000 1 0.0002
864000 only 1 0.0002
None 179585 36.1808
None only 168439 33.9352

Certificate sig alg Count Percent
-------------------------+---------+--------
None 18390 3.705
ecdsa-with-SHA256 32196 6.4865
sha1WithRSAEncryption 162789 32.7969
sha256WithRSAEncryption 301606 60.7642
sha384WithRSAEncryption 3 0.0006
sha512WithRSAEncryption 7 0.0014

Certificate key size Count Percent
-------------------------+---------+--------
ECDSA 256 32226 6.4925
ECDSA 384 7 0.0014
ECDSA 521 1 0.0002
RSA 1024 139 0.028
RSA 10240 4 0.0008
RSA 2047 1 0.0002
RSA 2048 446454 89.9465
RSA 2049 3 0.0006
RSA 2056 3 0.0006
RSA 2058 2 0.0004
RSA 2064 1 0.0002
RSA 2080 2 0.0004
RSA 2084 9 0.0018
RSA 2096 1 0.0002
RSA 2345 1 0.0002
RSA 2408 3 0.0006
RSA 2432 5 0.001
RSA 2612 2 0.0004
RSA 3071 1 0.0002
RSA 3072 96 0.0193
RSA 3096 1 0.0002
RSA 3102 1 0.0002
RSA 3248 2 0.0004
RSA 4042 1 0.0002
RSA 4048 2 0.0004
RSA 4056 26 0.0052
RSA 4069 1 0.0002
RSA 4086 2 0.0004
RSA 4092 7 0.0014
RSA 4096 17401 3.5058
RSA 8192 5 0.001
RSA/ECDSA Dual Stack 45 0.0091

OCSP stapling Count Percent
-------------------------+---------+--------
Supported 97129 19.5685
Unsupported 399226 80.4315

Supported Protocols Count Percent
-------------------------+---------+-------
SSL2 28373 5.7163
SSL2 Only 30 0.006
SSL3 139997 28.205
SSL3 Only 891 0.1795
SSL3 or TLS1 Only 84026 16.9286
SSL3 or lower Only 919 0.1851
TLS1 493251 99.3746
TLS1 Only 48794 9.8305
TLS1 or lower Only 110400 22.2421
TLS1.1 372212 74.9891
TLS1.1 Only 33 0.0066
TLS1.1 or up Only 1982 0.3993
TLS1.2 382499 77.0616
TLS1.2 Only 916 0.1845
TLS1.2, 1.0 but not 1.1 11830 2.3834

Statistics from 517131 chains provided by 680456 hosts

Server provided chains Count Percent
-------------------------+---------+-------
complete 470323 69.1188
incomplete 19965 2.9341
untrusted 190168 27.9471

Trusted chain statistics
========================

Chain length Count Percent
-------------------------+---------+-------
2 328 0.0634
3 262695 50.7985
4 249615 48.2692
5 4493 0.8688

CA key size in chains Count
-------------------------+---------
ECDSA 256 32189
ECDSA 384 32184
RSA 1024 65659
RSA 2045 1
RSA 2048 1046763
RSA 4096 115739

Chains with CA key Count Percent
-------------------------+---------+-------
ECDSA 256 32189 6.2245
ECDSA 384 32184 6.2236
RSA 1024 65657 12.6964
RSA 2045 1 0.0002
RSA 2048 484420 93.6745
RSA 4096 114849 22.2089

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384 32189
sha1WithRSAEncryption 287125
sha256WithRSAEncryption 256796
sha384WithRSAEncryption 199294

Eff. host cert chain LoS Count Percent
-------------------------+---------+-------
80 236752 45.7818
112 248197 47.995
128 32182 6.2232

Root CAs Count Percent
---------------------------------------------+---------+-------
(861a399d) AddTrust Class 1 CA Root 126586 24.4785
(2c543cd1) GeoTrust Global CA 111618 21.5841
(f081611a) The Go Daddy Group, Inc. 52765 10.2034
(5ad8a5d6) GlobalSign Root CA 52501 10.1524
(eed8c118) COMODO ECC Certification Authority 32182 6.2232
(415660c1) VeriSign, Inc. 30856 5.9668
(aee5f10d) Entrust.net Certification Authorit 28570 5.5247
(6cc3c4c3) Thawte Server CA 25221 4.8771
(f387163d) Starfield Technologies, Inc. 11117 2.1497
(ae8153b9) StartCom Certification Authority 9414 1.8204
(653b494a) Baltimore CyberTrust Root 8928 1.7264
(578d5c04) Equifax 6563 1.2691
(244b5494) DigiCert High Assurance EV Root CA 6432 1.2438

Scan performed between 18th and 28th of June 2015.
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic