Towards Forward Secure Internet Traffic
Eman Salem Alashwali, Pawel Szalachowski, Andrew Martin

TL;DR
This paper analyzes the prevalence of forward secrecy in pre-TLS 1.3 protocols across millions of servers, revealing significant gaps and proposing mechanisms to improve forward secrecy adoption.
Contribution
It provides an empirical analysis of FS support in existing TLS servers and introduces new client-side mechanisms to enhance FS adoption.
Findings
5.37% of top domains do not select FS key-exchange algorithms
39.20% of top domains support FS despite not selecting it
Proposes BEFS and BESAFE mechanisms to improve FS adoption
Abstract
Forward Secrecy (FS) is a security property in key-exchange algorithms which guarantees that a compromise in the secrecy of a long-term private-key does not compromise the secrecy of past session keys. With a growing awareness of long-term mass surveillance programs by governments and others, FS has become widely regarded as a highly desirable property. This is particularly true in the TLS protocol, which is used to secure Internet communication. In this paper, we investigate FS in pre-TLS 1.3 protocols, which do not mandate FS, but are still widely used today. We conduct an empirical analysis of over 10 million TLS servers from three different datasets using a novel heuristic approach. Using a modern TLS client's handshake algorithms, our results show 5.37% of top domains, 7.51% of random domains, and 26.16% of random IPs do not select FS key-exchange algorithms. Surprisingly, 39.20% of the…