RC4 in HTTPS
RC4 is no longer considered secure, and should not be used anymore according to RFC7465 (RFC draft). New attacks can be used to decipher the communication content within days, like session cookies.
The past weeks we have been busy scanning more than 2 million HTTPS servers and their detailed TLS configuration using sslyze, out of a total of 44 million IPv4-wide. From those 2 million scanned hosts, 1.3 million or 61,7% allowed a CipherSuite with RC4, whereas 350.000 (or 16%) even preferred RC4 over more secure ciphers like AES or Camellia.
This does not necessarily mean that users are at risk, since the server picks the cipher to be used. If a modern and up to date browser is used, there is little risk for useres. Due to the widespread usage of RC4 however, older browsers are at risk. The details on the recent attacks on RC4 can be found here and here, and will be presented in August at USENIX Security 2015, members SBA Research will be there. RC4 must not be used anymore, details on how this could be prevented can be found at bettercrypto.org or in RFC7525.
[Update] More details on the numbers:
2.181.846 valid https hosts checked
1.347.105 accept at least one cipher-suite with RC4 enabled
834.741 do not accept one cipher suite with RC4
----
61.74 % accept RC4
2.181.846 valid https hosts checked
349.677 prefer any RC4 ciphersuite in any TLS version
1.832.169 do not prefer any RC4 ciphersuite
—-
16.03% prefer RC4
Please contact Martin Mulazzani in case of questions.
Press Release RC4