Skip to main content

Cryptographic Assessment of SSL/TLS Servers Popular in India

  • 757 Accesses

Part of the Communications in Computer and Information Science book series (CCIS,volume 625)


Major web sites use Secure Sockets Layer (SSL) or its updated version name called Transport Layer Security (TLS) to secure all communications between their servers and web browsers. It is very important to analyze the security of this protocol because the compromise of the banking accounts, health care directories, information of national importance, even vital information about business competitors is unacceptable.

SSL/TLS is not a simple encryption or hashing algorithm. It is a protocol which consists of bunch of cryptographic primitives which aim to provide secure communication. Moreover, this protocol has a long history of attacks and it needs to be revised since security field is changing. This paper presents the most commonly used configurations of this protocol among web servers, highlighting issues where it is insecure and areas where it can be improved. Specifically, parameters used in cryptographic primitives and certificates used by the web servers have been reported. The approach was to probe all web servers using a tool - TestSSLServer. There were sets of two experiments carried out. One in which top 500 most popular websites in India were probed and other in which 50 banking sites in India were probed. Some of the surprising results were that servers still posses SSLv2 and v3 despite of its insecurity. Also, banking sites were found not to support forward secrecy.


  • Elliptic Curve
  • Forward Secrecy
  • Pseudo Random Function
  • Secure Socket Layer
  • Protocol Version

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions


  1. Wikipedia, Transport Layer Security.

  2. Ristic, I.: Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications

    Google Scholar 

  3. Wikipedia, CRIME.

  4. Wikipedia, Public Key Infrastructure.

  5. DROWN.

  6. POODLE.

  7. Wagner, D., Schneier, B.: Analysis of the SSL 3.0 Protocol

    Google Scholar 

  8. Rescorla, E.: SSL and TLS: Designing and Building Secure Systems. Addison-Wesley, Boston (2001)

    Google Scholar 

  9. BEAST.

  10. Bhargavan, K., Delignat-Lavaud, A., Fournet, C., Pironti, A., Strub, P.-Y.: Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS

    Google Scholar 

  11. LOGJAM.

  12. TLS Working Group Draft.

  13. The Transport Layer Security (TLS) Protocol Version 1.2 - RFC 5246.

  14. Transport Layer Security (TLS) Renegotiation Indication Extension - RFC 5746.

  15. Alexa top 500.

  16. Directories of Banks in India.

  17. Pornin, T.: TestSSLServer.,

  18. Davies, J.: Implementing SSL/TLS Using Cryptography and PKI

    Google Scholar 

  19. Lee, H.K., Malkin, T., Nahum, E.: Cryptographic Strength of SSL/TLS Servers: Current and Recent Practices

    Google Scholar 

  20. Boneh, D.: Coursera, Cryptography I

    Google Scholar 

  21. Katz, J.: Coursera, Cryptography

    Google Scholar 

  22. Schneier, B.: Applied Cryptography

    Google Scholar 

  23. Buchmann, J.A., Karatsiolis, E., Wiesmaier, A.: Introduction to Public Key Infrastructures

    Google Scholar 

  24. JSON Parser - cJSON.

  25. Source Code for Parsing JSON.

  26. Prohibiting Secure Sockets Layer (SSL) Version 2.0 - RFC 6176.

  27. Deprecating Secure Sockets Layer Version 3.0 - RFC 7568.

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Prakhar Jain .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2016 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Jain, P., Shukla, K.K. (2016). Cryptographic Assessment of SSL/TLS Servers Popular in India. In: Mueller, P., Thampi, S., Alam Bhuiyan, M., Ko, R., Doss, R., Alcaraz Calero, J. (eds) Security in Computing and Communications. SSCC 2016. Communications in Computer and Information Science, vol 625. Springer, Singapore.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-2737-6

  • Online ISBN: 978-981-10-2738-3

  • eBook Packages: Computer ScienceComputer Science (R0)