Goal of the project
The main goal of project is to measure several factors about HTTPS servers, including TLS version/Ciphersuites, OS version, supported Protocols (HTTP version), and certificates. The supported SSL/TLS version is important because of the fact that SSL3 is insecure. However, there still exist servers on the Internet which support SSL 3.0 which in turn makes them vulnerable. Furthermore, we want to figure out what ciphersuites these HTTPS servers support. Ciphersuites are a combination of authentication, encryption, message authentication code and, key exchange algorithms used in the TLS protocol. Some of the algorithms used in ciphersuites also have known weaknesses. We compare the HTTPS servers, their support of TLS, ciphersuites and certificates between several universities around the US.
We measured for below universities' servers
Number of Studied IP Addresses and Active Servers
| University Name | Number of IP Addresses | Number of Active Servers |
|---|---|---|
| Purdue University | 360704 | 79 |
| Rice University | 1062656 | 213 |
| Stony Brook University (SBU) | 141056 | 357 |
| Stanford University | 337920 | 1002 |
| University of California, Los Angeles (UCLA) | 328704 | 3261 |
| University of California, Santa Barbara (UCSB) | 132608 | 1048 |
| Yale University | 131328 | 982 |
| University of Virginia (Virginia) | 234752 | 1052 |
| University of Oregon (Oregon) | 164864 | 2384 |
| University of Miami (Miami) | 210176 | 3703 |
| Duke University | 133376 | 1628 |
| University of Colorado Boulder (Colorado) | 19968 | 97 |
| University of California, Berkeley | 203520 | 2141 |
| University of Southern California (USC) | 200960 | 2717 |
| University of Utah | 400128 | 3615 |
| University of Washington (Washington) | 308992 | 3684 |
| The University of Texas at Austin (UTexas) | 295424 | 1122 |
| University of Pennsylvania (UPenn) | 262656 | 4301 |