SSL协议_一_概述

最新推荐文章于 2024-10-04 21:33:19 发布
最新推荐文章于 2024-10-04 21:33:19 发布
阅读量1.1k 收藏
点赞数
分类专栏: Network
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/hpp205/article/details/48994917
版权

参考:https://en.wikipedia.org/wiki/Transport_Layer_Security

 

 

Authentication and key exchange/agreement
AlgorithmSSL 2.0SSL 3.0TLS 1.0TLS 1.1TLS 1.2TLS 1.3
(Draft)		Status
RSAYesYesYesYesYesNoDefined for TLS 1.2 in RFCs
DH-RSANoYesYesYesYesNo
DHE-RSA (forward secrecy)NoYesYesYesYesYes
ECDH-RSANoNoYesYesYesNo
ECDHE-RSA (forward secrecy)NoNoYesYesYesYes
DH-DSSNoYesYesYesYesNo
DHE-DSS (forward secrecy)NoYesYesYesYesNo[22]
ECDH-ECDSANoNoYesYesYesNo
ECDHE-ECDSA (forward secrecy)NoNoYesYesYesYes
PSKNoNoYesYesYes 
PSK-RSANoNoYesYesYes 
DHE-PSK (forward secrecy)NoNoYesYesYes 
ECDHE-PSK (forward secrecy)NoNoYesYesYes 
SRPNoNoYesYesYes 
SRP-DSSNoNoYesYesYes 
SRP-RSANoNoYesYesYes 
KerberosNoNoYesYesYes 
DH-ANON (insecure)NoYesYesYesYes 
ECDH-ANON (insecure)NoNoYesYesYes 
GOST R 34.10-94 / 34.10-2001[23]NoNoYesYesYes Proposed in RFC drafts

 

 

Cipher security against publicly known feasible attacks
CipherProtocol versionStatus
TypeAlgorithmStrength (bits)SSL 2.0SSL 3.0
[n 1][n 2][n 3][n 4]		TLS 1.0
[n 1][n 3]		TLS 1.1
[n 1]		TLS 1.2
[n 1]		TLS 1.3
(Draft)
Block cipher
with
mode of operation		AES GCM[24][n 5]256, 128N/AN/AN/AN/ASecureSecureDefined for TLS 1.2 in RFCs
AES CCM[25][n 5]N/AN/AN/AN/ASecureSecure
AES CBC[n 6]N/AN/ADepends on mitigationsSecureSecureN/A
Camellia GCM[26][n 5]256, 128N/AN/AN/AN/ASecureSecure
Camellia CBC[27][n 6]N/AN/ADepends on mitigationsSecureSecureN/A
ARIA GCM[28][n 5]256, 128N/AN/AN/AN/ASecureSecure
ARIA CBC[28][n 6]N/AN/ADepends on mitigationsSecureSecureN/A
SEED CBC[29][n 6]128N/AN/ADepends on mitigationsSecureSecureN/A
3DES EDE CBC[n 6]112[n 7]InsecureInsecureLow strength, Depends on mitigationsLow strengthLow strengthN/A
GOST 28147-89 CNT[23]256N/AN/ASecureSecureSecure Proposed in RFC drafts
IDEA CBC[n 6][n 8]128InsecureInsecureDepends on mitigationsSecureN/AN/ARemoved from TLS 1.2
DES CBC[n 6][n 8]56InsecureInsecureInsecureInsecureN/AN/A
40[n 9]InsecureInsecureInsecureN/AN/AN/AForbidden in TLS 1.1 and later
RC2 CBC[n 6]40[n 9]InsecureInsecureInsecureN/AN/AN/A
Stream cipherChaCha20-Poly1305[33][n 5]256N/AN/AN/AN/ASecureSecureProposed in RFC drafts
RC4[n 10]128InsecureInsecureInsecureInsecureInsecureN/AProhibited in all versions of TLS
40[n 9]InsecureInsecureInsecureN/AN/AN/A
NoneNull[n 11]-N/AInsecureInsecureInsecureInsecureInsecureDefined for TLS 1.2 in RFCs

 

Data integrity
AlgorithmSSL 2.0SSL 3.0TLS 1.0TLS 1.1TLS 1.2TLS 1.3
(Draft)		Status
HMAC-MD5YesYesYesYesYes Defined for TLS 1.2 in RFCs
HMAC-SHA1NoYesYesYesYes 
HMAC-SHA256/384NoNoNoNoYes 
AEADNoNoNoNoYes 
GOST 28147-89 IMIT[23]NoNoYesYesYes Proposed in RFC drafts
GOST R 34.11-94[23]NoNoYesYesYes 

 

 

 

Library support for TLS/SSL
ImplementationSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0TLS 1.1TLS 1.2TLS 1.3
(Draft)
BotanNoNo[155]YesYesYes 
cryptlibNoEnabled by defaultYesYesYes 
GnuTLSNo[a]Disabled by default[156]YesYesYes 
Java Secure Socket ExtensionNo[a]Disabled by default[b]YesYesYes 
LibreSSLNo[157]No[158]YesYesYes 
MatrixSSLNo[a]Disabled by default at compile time[159]YesYesYes 
mbed TLS (previously PolarSSL)NoEnabled by defaultYesYesYes 
Network Security ServicesDisabled by default[a]Disabled by default[160]YesYes[161]Yes[162] 
OpenSSLEnabled by defaultEnabled by defaultYesYes[163]Yes[163] 
RSA BSAFE[164]NoYesYesYesYes 
SChannel XP / 2003[165]Disabled by default by MSIE 7Enabled by defaultEnabled by default by MSIE 7NoNo 
SChannel Vista / 2008[166]Disabled by defaultEnabled by defaultYesNoNo 
SChannel 7 / 2008 R2[167]Disabled by defaultDisabled by default in MSIE 11YesEnabled by default by MSIE 11Enabled by default by MSIE 11 
SChannel 8 / 2012[167]Disabled by defaultEnabled by defaultYesDisabled by defaultDisabled by default 
SChannel 8.1 / 2012 R2, 10[167]Disabled by defaultDisabled by default in MSIE 11YesYesYes 
Secure Transport OS X 10.2-10.7 / iOS 1-4YesYesYesNoNo 
Secure Transport OS X 10.8-10.10 / iOS 5-8No[c]YesYesYes[c]Yes[c] 
Secure Transport OS X 10.11 / iOS 9NoNo[c]YesYesYes 
SharkSSLNoEnabled by defaultYesYesYes 
wolfSSL (previously CyaSSL)NoDisabled by default[168]YesYesYes 
ImplementationSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0TLS 1.1TLS 1.2TLS 1.3
(Draft)

 

 

Website protocol support
Protocol
version		Website
support[35]		Security[35][36]
SSL 2.010.8% (−0.4%)Insecure
SSL 3.033.8% (−1.2%)Insecure[37]
TLS 1.099.2% (−0.1%)Depends on cipher[n 1] and client mitigations[n 2]
TLS 1.164.3% (+1.4%)Depends on cipher[n 1] and client mitigations[n 2]
TLS 1.266.5% (+1.4%)Depends on cipher[n 1] and client mitigations[n 2]
TLS 1.3
(Draft)		N/A 

 

TLS/SSL support history of web browsers
BrowserVersionPlatformsSSL protocolsTLS protocolsCertificate SupportVulnerabilities fixed[n 1]Protocol selection by user
[n 2]
SSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0TLS 1.1TLS 1.2EV
[n 3][38]		SHA-2
[39]		ECDSA
[40]		BEAST[n 4]CRIME[n 5]POODLE (SSLv3)[n 6]RC4[n 7]FREAK[41][42]Logjam
Google Chrome
(Chrome for Android)
[n 8]
[n 9]		1–9Windows (XP SP2+)
OS X (10.7+)
Linux
Android (4.0+)
iOS (7.0+)
Chrome OS		Disabled by defaultEnabled by defaultYesNoNoYes
(only desktop)		needs SHA-2 compatible OS[39]needs ECC compatible OS[40]Not affected
[47]		Vulnerable
(HTTPS)		VulnerableVulnerableVulnerable
(except Windows)		VulnerableYes[n 10]
10–20No[48]Enabled by defaultYesNoNoYes
(only desktop)		needs SHA-2 compatible OS[39]needs ECC compatible OS[40]Not affectedVulnerable
(HTTPS/SPDY)		VulnerableVulnerableVulnerable
(except Windows)		VulnerableYes[n 10]
21NoEnabled by defaultYesNoNoYes
(only desktop)		needs SHA-2 compatible OS[39]needs ECC compatible OS[40]Not affectedMitigated
[49]		VulnerableVulnerableVulnerable
(except Windows)		VulnerableYes[n 10]
22–25NoEnabled by defaultYesYes[50]No[50][51][52][53]Yes
(only desktop)		needs SHA-2 compatible OS[39]needs ECC compatible OS[40]Not affectedMitigatedVulnerableVulnerableVulnerable
(except Windows)		VulnerableTemporary
[n 11]
26–29NoEnabled by defaultYesYesNoYes
(only desktop)		needs SHA-2 compatible OS[39]needs ECC compatible OS[40]Not affectedMitigatedVulnerableVulnerableVulnerable
(except Windows)		VulnerableTemporary
[n 11]
30–32NoEnabled by defaultYesYesYes[51][52][53]Yes
(only desktop)		needs SHA-2 compatible OS[39]needs ECC compatible OS[40]Not affectedMitigatedVulnerableVulnerableVulnerable
(except Windows)		VulnerableTemporary
[n 11]
33–37NoEnabled by defaultYesYesYesYes
(only desktop)		needs SHA-2 compatible OS[39]needs ECC compatible OS[40]Not affectedMitigatedPartly mitigated
[n 12]		Lowest priority
[56][57][58]		Vulnerable
(except Windows)		VulnerableTemporary
[n 11]
38–39NoEnabled by defaultYesYesYesYes
(only desktop)		Yesneeds ECC compatible OS[40]Not affectedMitigatedPartly mitigated
[n 12]		Lowest priority
[56][57][58]		Vulnerable
(except Windows)		VulnerableTemporary
[n 11]
40NoDisabled by default
[55][59]		YesYesYesYes
(only desktop)		Yesneeds ECC compatible OS[40]Not affectedMitigatedMitigated
[n 13]		Lowest priorityVulnerable
(except Windows)		VulnerableYes[n 14]
41, 42NoDisabled by defaultYesYesYesYes
(only desktop)		Yesneeds ECC compatible OS[40]Not affectedMitigatedMitigatedLowest priorityMitigatedVulnerableYes[n 14]
43NoDisabled by defaultYesYesYesYes
(only desktop)		Yesneeds ECC compatible OS[40]Not affectedMitigatedMitigatedOnly as fallback
[n 15][60]		MitigatedVulnerableYes[n 14]
4445NoNo[61]YesYesYesYes
(only desktop)		Yesneeds ECC compatible OS[40]Not affectedMitigatedNot affectedOnly as fallback
[n 15]		MitigatedMitigated[62]Temporary
[n 11]
Google Android OS Browser
[63]		Android 1.01.11.51.62.0–2.12.2–2.2.3NoEnabled by defaultYesNoNoUnknownNoNoUnknownUnknownVulnerableVulnerableVulnerableVulnerableNo
Android 2.3–2.3.73.0–3.2.64.0–4.0.44.1–4.3.1NoEnabled by defaultYesNoNoUnknownYes[39]since Android OS 3.0[64]UnknownUnknownVulnerableVulnerableVulnerableVulnerableNo
Android 4.4–4.4.4NoEnabled by defaultYesDisabled by defaultDisabled by defaultUnknownYesYes[40]UnknownUnknownVulnerableVulnerableVulnerableVulnerableNo
Android 5.0-5.0.2NoEnabled by defaultYesYes[65]Yes[65]UnknownYesYesUnknownUnknownVulnerableVulnerableVulnerableVulnerableNo
Android 5.1-5.1.1NoNoYesYesYesUnknownYesYesUnknownUnknownNot affectedVulnerableMitigatedVulnerableNo
Android 6.0NoNoYesYesYesUnknownYesYesUnknownUnknownNot affectedUnknownMitigatedUnknownUnknown
BrowserVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0TLS 1.1TLS 1.2EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Mozilla Firefox
(Firefox for mobile)
[n 16]		1.0Windows (XP SP2+)
OS X (10.6+)
Linux
Android (2.3+)
iOS (preview)
Firefox OS
Maemo

ESR only for:
Windows (XP SP2+)
OS X (10.6+)
Linux		Enabled by default
[66]		Enabled by default
[66]		Yes[66]NoNoNoYes[39]NoNot affected
[67]		Not affectedVulnerableVulnerableNot affectedVulnerableYes[n 10]
1.5Enabled by defaultEnabled by defaultYesNoNoNoYesNoNot affectedNot affectedVulnerableVulnerableNot affectedVulnerableYes[n 10]
2Disabled by default
[66][68]		Enabled by defaultYesNoNoNoYesYes[40]Not affectedNot affectedVulnerableVulnerableNot affectedVulnerableYes[n 10]
3–7Disabled by defaultEnabled by defaultYesNoNoYesYesYesNot affectedNot affectedVulnerableVulnerableNot affectedVulnerableYes[n 10]
8–10
ESR 10		No[68]Enabled by defaultYesNoNoYesYesYesNot affectedNot affectedVulnerableVulnerableNot affectedVulnerableYes[n 10]
11–14NoEnabled by defaultYesNoNoYesYesYesNot affectedVulnerable
(SPDY)[49]		VulnerableVulnerableNot affectedVulnerableYes[n 10]
15–22
ESR 17.0–17.0.10		NoEnabled by defaultYesNoNoYesYesYesNot affectedMitigatedVulnerableVulnerableNot affectedVulnerableYes[n 10]
ESR 17.0.11NoEnabled by defaultYesNoNoYesYesYesNot affectedMitigatedVulnerableLowest priority
[69][70]		Not affectedVulnerableYes[n 10]
23NoEnabled by defaultYesDisabled by default
[71]		NoYesYesYesNot affectedMitigatedVulnerableVulnerableNot affectedVulnerableYes[n 17]
24, 25.0.0
ESR 24.0–24.1.0		NoEnabled by defaultYesDisabled by defaultDisabled by default
[73]		YesYesYesNot affectedMitigatedVulnerableVulnerableNot affectedVulnerableYes[n 17]
25.0.1, 26
ESR 24.1.1		NoEnabled by defaultYesDisabled by defaultDisabled by defaultYesYesYesNot affectedMitigatedVulnerableLowest priority
[69][70]		Not affectedVulnerableYes[n 17]
27–33
ESR 31.0–31.2		NoEnabled by defaultYesYes[74][75]Yes[76][75]YesYesYesNot affectedMitigatedVulnerableLowest priorityNot affectedVulnerableYes[n 17]
34, 35
ESR 31.3–31.7		NoDisabled by default
[77][78]		YesYesYesYesYesYesNot affectedMitigatedMitigated
[n 18]		Lowest priorityNot affectedVulnerableYes[n 17]
ESR 31.8NoDisabled by defaultYesYesYesYesYesYesNot affectedMitigatedMitigatedLowest priorityNot affectedMitigated[81]Yes[n 17]
36–38
ESR 38.0		NoDisabled by defaultYesYesYesYesYesYesNot affectedMitigatedMitigatedOnly as fallback
[n 15][82]		Not affectedVulnerableYes[n 17]
ESR 38.1,
ESR 38.2		ESR 38.3NoDisabled by defaultYesYesYesYesYesYesNot affectedMitigatedMitigatedOnly as fallback
[n 15]		Not affectedMitigated[81]Yes[n 17]
39, 4041NoNo[83]YesYesYesYesYesYesNot affectedMitigatedNot affectedOnly as fallback
[n 15]		Not affectedMitigated[81]Yes[n 17]
42
43NoNoYesYesYesYesYesYesNot affectedMitigatedNot affectedWhitelisted hosts only
[n 19]		Not affectedMitigatedYes[n 17]
44ESR 45NoNoYesYesYesYesYesYesNot affectedMitigatedNot affectedNot affected[n 20]Not affectedMitigatedYes[n 17]
BrowserVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0TLS 1.1TLS 1.2EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Microsoft Internet Explorer
[n 21]		1.xWindows 3.195,NT[n 22],[n 23]
Mac OS 78		No SSL/TLS support
2YesNoNoNoNoNoNoNoNo SSL 3.0 or TLS supportVulnerableVulnerableVulnerableN/A
3YesYes[87]NoNoNoNoNoNoVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableUnknown
45Windows 3.19598,NT[n 22],[n 23]
Mac OS 7.18X,
Solaris,HP-UX		Enabled by defaultEnabled by defaultDisabled by default
[87]		NoNoNoNoNoVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableYes[n 10]
6Windows 98ME,NT[n 22]2000[n 23]Enabled by defaultEnabled by defaultDisabled by default
[87]		NoNoNoNoNoVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableYes[n 10]
6Windows XP[n 23]Enabled by defaultEnabled by defaultDisabled by defaultNoNoNoYes
[n 24] [88]		NoMitigatedNot affectedVulnerableVulnerableVulnerableVulnerableYes[n 10]
6Server 2003[n 23]Enabled by defaultEnabled by defaultDisabled by defaultNoNoNoYes
[n 24] [88]		NoMitigatedNot affectedVulnerableVulnerableMitigated
[91]		Mitigated
[92]		Yes[n 10]
78Windows XP[n 23]Disabled by default
[93]		Enabled by defaultYes[93]NoNoYesYes
[n 24] [88]		NoMitigatedNot affectedVulnerableVulnerableVulnerableVulnerableYes[n 10]
78Server 2003[n 23]Disabled by default
[93]		Enabled by defaultYes[93]NoNoYesYes
[n 24] [88]		NoMitigatedNot affectedVulnerableVulnerableMitigated
[91]		Mitigated
[92]		Yes[n 10]
78[n 25]9Windows VistaDisabled by defaultEnabled by defaultYesNoNoYesYesYes[40]MitigatedNot affectedVulnerableVulnerableMitigated
[91]		Mitigated
[92]		Yes[n 10]
Server 2008
8910[n 25]Windows 7Disabled by defaultEnabled by defaultYesDisabled by default
[95]		Disabled by default
[95]		YesYesYesMitigatedNot affectedVulnerableLowest priority
[96][n 26]		Mitigated
[91]		Mitigated
[92]		Yes[n 10]
Server 2008 R2
10[n 25]Windows 8Disabled by defaultEnabled by defaultYesDisabled by default
[95]		Disabled by default
[95]		YesYesYesMitigatedNot affectedVulnerableLowest priority
[96][n 26]		Mitigated
[91]		Mitigated
[92]		Yes[n 10]
10Server 2012
11Windows 7Disabled by defaultDisabled by default
[n 27]		YesYes[98]Yes[98]YesYesYesMitigatedNot affectedMitigated
[n 27]		Lowest priority
[96][n 26]		Mitigated
[91]		Mitigated
[92]		Yes[n 10]
Server 2008 R2
11Windows 8.1Disabled by defaultDisabled by default
[n 27]		YesYes[98]Yes[98]YesYesYesMitigatedNot affectedMitigated
[n 27]		Only as fallback
[n 15][102][103]		Mitigated
[91]		Mitigated
[92]		Yes[n 10]
Server 2012 R2
Microsoft Edge[n 28]
and (as fallback)
Internet Explorer[n 21]		IE 11Edge[n 29]Windows 10Disabled by defaultDisabled by defaultYesYesYesYesYesYesMitigatedNot affectedMitigatedOnly as fallback
[n 15]		MitigatedMitigatedYes[n 10]
Server 2016
Microsoft Internet Explorer Mobile
[n 21]		7, 9Windows Phone 7, 7.5, 7.8Disabled by default
[93]		Enabled by defaultYesNo
[citation needed]		No
[citation needed]		No
[citation needed]		YesYes[64]UnknownNot affectedVulnerableVulnerableVulnerableVulnerableOnly with 3rd party tools[n 30]
10Windows Phone 8Disabled by defaultEnabled by defaultYesDisabled by default
[108]		Disabled by default
[108]		No
[citation needed]		YesYes[109]MitigatedNot affectedVulnerableVulnerableVulnerableVulnerableOnly with 3rd party tools[n 30]
11Windows Phone 8.1Disabled by defaultEnabled by defaultYesYes[110]Yes[110]No
[citation needed]		YesYesMitigatedNot affectedVulnerableOnly as fallback
[n 15][102][103]		VulnerableVulnerableOnly with 3rd party tools[n 30]
Microsoft Edge
[n 28]		EdgeWindows 10 MobileDisabled by defaultDisabled by defaultYesYesYesYesYesYesMitigatedNot affectedMitigatedOnly as fallback
[n 15]		MitigatedUnknownUnknown
BrowserVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0TLS 1.1TLS 1.2EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Opera Browser
(Opera Mobile)
(Pre-Presto and Presto)
[n 31]		1-2Windows
OS X
Linux
Android
Symbian S60
Maemo
Windows Mobile		No SSL/TLS support[112]
3Yes[113]NoNoNoNoNoNoNoNo SSL 3.0 or TLS supportVulnerableUnknownUnknownN/A
4YesYes[114]NoNoNoNoNoNoVulnerableNot affectedVulnerableVulnerableUnknownUnknownUnknown
5Enabled by defaultEnabled by defaultYes[115]NoNoNoNoNoVulnerableNot affectedVulnerableVulnerableUnknownUnknownYes[n 10]
6-7Enabled by defaultEnabled by defaultYes[115]NoNoNoYes[39]NoVulnerableNot affectedVulnerableVulnerableUnknownUnknownYes[n 10]
8Enabled by defaultEnabled by defaultYesDisabled by default
[116]		NoNoYesNoVulnerableNot affectedVulnerableVulnerableUnknownUnknownYes[n 10]
9Disabled by default
[117]		Enabled by defaultYesYesNosince v9.5
(only desktop)		YesNoVulnerableNot affectedVulnerableVulnerableUnknownUnknownYes[n 10]
10–11.52No[118]Enabled by defaultYesDisabled by defaultDisabled by default
[118]		Yes
(only desktop)		YesNoVulnerableNot affectedVulnerableVulnerableUnknownUnknownYes[n 10]
11.60–11.64NoEnabled by defaultYesDisabled by defaultDisabled by defaultYes
(only desktop)		YesNoMitigated
[119]		Not affectedVulnerableVulnerableUnknownUnknownYes[n 10]
12–12.14NoDisabled by default
[n 32]		YesDisabled by defaultDisabled by defaultYes
(only desktop)		YesNoMitigatedNot affectedMitigated
[n 32]		VulnerableUnknownMitigated[121]Yes[n 10]
12.15–12.17NoDisabled by defaultYesDisabled by defaultDisabled by defaultYes
(only desktop)		YesNoMitigatedNot affectedMitigatedPartly mitigated
[122][123]		UnknownMitigated[121]Yes[n 10]
Opera Browser
(Opera Mobile)
(Webkit and Blink)
[n 33]		14–16Windows (XP+)
OS X (10.7+)
Linux
Android (4.0+)		NoEnabled by defaultYesYes[126]No[126]Yes
(only desktop)		needs SHA-2 compatible OS[39]needs ECC compatible OS[40]Not affectedMitigatedVulnerableVulnerableVulnerable
(except Windows)		VulnerableTemporary
[n 11]
17–19NoEnabled by defaultYesYes[127]Yes[127]Yes
(only desktop)		needs SHA-2 compatible OS[39]needs ECC compatible OS[40]Not affectedMitigatedVulnerableVulnerableVulnerable
(except Windows)		VulnerableTemporary
[n 11]
20–24NoEnabled by defaultYesYesYesYes
(only desktop)		needs SHA-2 compatible OS[39]needs ECC compatible OS[40]Not affectedMitigatedPartly mitigated
[n 34]		Lowest priority
[128]		Vulnerable
(except Windows)		VulnerableTemporary
[n 11]
25, 26NoEnabled by default
[n 35]		YesYesYesYes
(only desktop)		Yesneeds ECC compatible OS[40]Not affectedMitigatedMitigated
[n 36]		Lowest priorityVulnerable
(except Windows)		VulnerableTemporary
[n 11]
27NoDisabled by default
[59]		YesYesYesYes
(only desktop)		Yesneeds ECC compatible OS[40]Not affectedMitigatedMitigated
[n 37]		Lowest priorityVulnerable
(except Windows)		VulnerableYes[n 38]
(only desktop)
28, 29NoDisabled by defaultYesYesYesYes
(only desktop)		Yesneeds ECC compatible OS[40]Not affectedMitigatedMitigatedLowest priorityMitigatedVulnerableYes[n 38]
(only desktop)
30NoDisabled by defaultYesYesYesYes
(only desktop)		Yesneeds ECC compatible OS[40]Not affectedMitigatedMitigatedOnly as fallback
[n 15][60]		MitigatedMitigated[121]Yes[n 38]
(only desktop)
3132NoNo[61]YesYesYesYes
(only desktop)		Yesneeds ECC compatible OS[40]Not affectedMitigatedNot affectedOnly as fallback
[n 15][60]		MitigatedMitigatedTemporary
[n 11]
BrowserVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0TLS 1.1TLS 1.2EV certificateSHA-2 certificateECDSA certificateBEASTCRIMEPOODLE (SSLv3)RC4FREAKLogjamProtocol selection by user
Apple Safari
[n 39]		1Mac OS X 10.210.3No[133]YesYesNoNoNoNoNoVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
2–5Mac OS X 10.410.5,Win XPNoYesYesNoNosince v3.2NoNoVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
3–5Vista,Win 7NoYesYesNoNosince v3.2NoYes[64]VulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
4–6Mac OS X 10.610.7NoYesYesNoNoYesYes[39]Yes[40]VulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
6OS X 10.8NoYesYesNoNoYesYesYes[40]Mitigated
[n 40]		Not affectedMitigated
[n 41]		Vulnerable
[n 41]		Mitigated
[139]		VulnerableNo
79OS X 10.9NoYesYesYes[140]Yes[140]YesYesYesMitigated
[135]		Not affectedMitigated
[n 41]		Vulnerable
[n 41]		Mitigated
[139]		VulnerableNo
89OS X 10.10NoYesYesYesYesYesYesYesMitigatedNot affectedMitigated
[n 41]		Lowest priority
[141][n 41]		Mitigated
[139]		Mitigated
[142]		No
9OS X 10.11NoNoYesYesYesYesYesYesMitigatedNot affectedNot affectedLowest priorityMitigatedMitigatedNo
Apple Safari
(mobile)
[n 42]		3iPhone OS 1, 2No[146]YesYesNoNoNoNoUnknownVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
4, 5iPhone OS 3iOS 4NoYesYesNoNoYes[147]Yessince iOS 4[64]VulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
5, 6iOS 56NoYesYesYes[143]Yes[143]YesYesYesVulnerableNot affectedVulnerableVulnerableVulnerableVulnerableNo
7iOS 7NoYesYesYesYesYesYesYes[148]Mitigated
[149]		Not affectedVulnerableVulnerableVulnerableVulnerableNo
8iOS 8NoYesYesYesYesYesYesYesMitigatedNot affectedMitigated
[n 41]		Lowest priority
[150][n 41]		Mitigated
[151]		Mitigated
[152]		No
9iOS 9NoNoYesYesYesYesYesYesMitigatedNot affectedNot affectedLowest priorityMitigatedMitigatedNo
BrowserVersionPlatformsSSL 2.0 (insecure)SSL 3.0 (insecure)TLS 1.0TLS 1.1TLS 1.2EV
[n 3]		SHA-2ECDSABEAST[n 4]CRIME[n 5]POODLE (SSLv3)[n 6]RC4[n 7]FREAK[41][42]LogjamProtocol selection by user
SSL protocolsTLS protocolsCertificate SupportVulnerabilities fixed
Color or NoteSignificance
Browser versionPlatform
Browser versionOperating systemFuture release; under development
Browser versionOperating systemCurrent latest release
Browser versionOperating systemFormer release; still supported
Browser versionOperating systemFormer release; long-term support still active, but will end in less than 12 months
Browser versionOperating systemFormer release; no longer supported
n/aOperating systemMixed / Unspecified
Operating system (Version+)Minimum required operating system version (for the current latest version of the browser)
Operating systemNo longer supported for this operating system

 

 

 

小小黄
关注
专栏目录
ssl协议详解
06-29
ssl协议的详细解读,详细!!!!!!!!!!!!!!!
SSL协议详解
11-20
#### SSL协议概述 **SSL协议**(Secure Sockets Layer),是由Netscape公司开发的一种用于在Internet上进行安全通信的标准协议SSL提供以下三个主要功能: 1. **保密性**:通过使用加密技术确保数据传输的安全性...
SSL协议概述(一)
涂睿的专栏
01-17 2777
 一、SSL协议概述 提供网络安全服务可以在不同层次提供。通用的解决方法是在网络层使用IPSec,IPSec对于最终用户和应用程序是透明的。另一个比较通用的解决方法是在TCP上实现安全性,在这一级,有两种实现选择,一是SSL(或TLS)可以作为基本协议族的一个部分提供,因此对应用程序透明,二是将SSL嵌入到软件中,如嵌入到Web浏览器与Web服务器。与应用有关的安全服务也可以
SSL 协议(HTTPS 协议的关键)
最新发布
weixin_52173250的博客
10-04 1022
SSL 协议(Secure Sockets Layer,安全套接层协议),是一种广泛使用的网络安全协议,旨在保护网络通信中的数据安全和隐私
SSL协议概述(二)
涂睿的专栏
01-17 2481
 二、SSL记录协议 SSL在记录协议SSL连接提供两种服务:机密性和报文完整性。SSL协议中,所有的传输数据都被封装在记录中。记录是由记录头和长度不为0的记录数据组成的。所有的SSL通信都使用SSL记录层,记录协议封装上层的握手协议、警告协议、改变密码格式协议和应用数据协议SSL记录协议包括了记录头和记录数据格式的规定。SSL主要的操作见图图13.3 SS
SSL (Secure Socket Layer)
welcomejzh的专栏
01-09 663
SSL (Secure Socket Layer)为Netscape所研发,用以保障在Internet上数据传输之安全,利用数据加密(Encryption)技术,可确保数据在网络上之传输过程中不会被截取及窃听。目前一般通用之规格为40 bit之安全标准,美国则已推出128 bit之更高安全标准,但限制出境。只要3.0版本以上之I.E.或Netscape浏览器即可支持SSL。 当前版本为3.0。它已
计算机网络_第六章_安全套接层协议SSL_77.pptx
11-23
SSL协议概述SSL(Secure Sockets Layer,安全套接层)是计算机网络领域中广泛使用的安全协议,其目标是为TCP提供端到端的安全服务,确保通信双方的数据保密性和完整性,同时也支持双方身份的验证。SSL最初由...
mod_ssl-2.6.0-1.3.12.tar.gz_mod_ssl
09-20
1. **作用**:mod_ssl是Apache的一个核心模块,它的主要任务是通过SSL/TLS协议提供安全的网络连接。这包括证书管理、加密算法选择、会话缓存等功能,使得用户可以通过HTTPS访问网站,进行安全的网上交易、登录或其他...
HB2100通讯协议_HB2100通讯协议_
09-30
一、HB2100通讯协议概述 HB2100通讯协议是专为网络管理设计的一种通讯机制,它通过定义一套标准的消息格式和传输规则,使得不同设备或系统之间能够进行无缝的数据交换。协议的主要目标是确保信息的准确传递,提高...
SIM800系列_SSL_应用文档_V1.02-综合文档
05-23
- SSL(Secure Sockets Layer)是一种安全协议,最初由网景公司提出,旨在为网络通信提供安全性和数据完整性。 - SSL在传输层对网络连接进行加密,采用公开密钥技术保障通信的保密性和可靠性。 - SSL是互联网上...
SSL协议
qq_15156403的博客
05-17 168
SSL协议只能保护ip承载的数据,通过协商,交换密钥,加解密数据,完成数据的传输
SSL协议是什么?
j2ee开发的专栏
12-02 1003
欢迎访问: www.ptcms.cnSSL是Secure Socket Layer的缩写,即安全套接层协议。是由网景(Netscape)公司推出的一种安全通信协议,它能够对信用卡和个人信息提供较强的保护。 SSL是对计算机之间整个会话进行加密的协议。在SSL中,采用了公开密钥和私有密钥两种加密方法。 SSL协议的优势在于它是应用层协议确立无关的。高层的应用协议如HTTP、FTP、Telnet等能...
什么是SSL协议
ysds20211402的博客
02-09 5235
转自:微点阅读https://www.weidianyuedu.com 什么是SSL协议SSL协议是一种安全传输协议SSL是SecureSocketLayer的缩写,即安全套接层协议。该协议最初由Netscape企业发展而来,目前已经成为互联网上用来鉴别网站和网页浏览者的身份,以及在浏览器使用者及网页服务器之间进行加密通讯的全球化标准协议。由于SSL技术已建立到了所有主要的浏览器和WEB服务器程序当中,因此,仅需安装数字证书,或服务器证书就可以激活服务器功能了。 SSL协议能够对信用卡和..
SSL协议具体解释
weixin_33859665的博客
06-07 180
背景介绍    近期在看《password学与网络安全》相关的书籍,这篇文章主要具体介绍一下著名的网络安全协议SSL。      在開始SSl介绍之前,先给大家介绍几个password学的概念和相关的知识。     1、password学的相关概念 password学(cryptography):目的是通过将信息编码使其不可读,从而达到安全性。 明文(plain text):...
什么是SSL协议,浅谈SSL协议
ysds20211402的博客
04-02 884
转自:微点阅读https://www.weidianyuedu.com 什么是SSL协议SSL协议是一种安全传输协议SSL是SecureSocketLayer的缩写,即安全套接层协议。该协议最初由Netscape企业发展而来,目前已经成为互联网上用来鉴别网站和网页浏览者的身份,以及在浏览器使用者及网页服务器之间进行加密通讯的全球化标准协议。由于SSL技术已建立到了所有主要的浏览器和WEB服务器程序当中,因此,仅需安装数字证书,或服务器证书就可以激活服务器功能了。 SSL协议能够对信用卡和..
SSL协议介绍】
qq_55213436的博客
07-19 3504
SSL协议,即安全套接字层。可用于保护正常运行于TCP之上的任何应用协议,如HTTP、FTP、SMTP或Telnet的通信,最常见的是用SSL来保护HTTP的通信。SSL协议的优点在于它是与应用层协议无关的。高层的应用协议(如HTTP、FTP、Telnet等)能透明地建立于SSL协议之上。SSL协议在应用层协议之前就已经完成加密算法、通信密钥的协商以及服务器的认证工作。在此之后应用层协议所传送的数据都会被加密,从而保证通信的安全性。客户对服务器的身份认证。...
MIE311_Lecture06_SSL:网络安全课程之SSL协议解析
1. SSL协议概述:解释SSL协议的基本概念,包括其发展历程(从SSL到TLS的演变),以及SSL在现代网络安全体系中的重要性。 2. 加密技术基础:深入探讨加密技术在SSL中的应用,包括对称加密和非对称加密的区别与联系,...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值