November 12th, 2013
Internet Explorer 11 is the first browser to make Internet connections more secure and reliable by reducing the use of vulnerable ciphersuites, such as RC4 and by using the latest security standards, TLS 1.2, by default. With these changes in IE11, you can have peace of mind when accessing your critical personal information on social media, banking, commerce, and other sites. These advances build on our continued work to make IE the most secure browser in key areas such as socially engineered attacks.
IE11 Reduces Use of Vulnerable RC4 Cipher Suite
IE11 takes a big step toward better security by reducing the use of the vulnerable RC4 cipher suite. RC4 is a stream cipher that is widely supported—and often preferred—by TLS servers. However, recent studies such as those by AlFardan suggest exploits in the RC4 key stream that can be used to recover some encrypted data. RC4 has other weaknesses as well, as discovered by Paul, Mantin, and Fluhrer. Based on these studies, the industry consensus is that RC4 has a variety of cryptographic weaknesses, and RC4 exploits are now practical.We have proposed changes to the TLS standard, so that other browsers and industry players can follow our lead in securing the Web.
The changes in IE11 increase security while still ensuring compatibility with the Web, in spite of the current widespread use of the RC4 cipher suite. IE11 does not offer RC4-based cipher suites during the initial TLS/SSL handshake. In this way, most connections successfully use non-RC4 cipher suites. We studied 5 million Internet sites and found that over 96% of sites can negotiate ciphers other than RC4. Notably, nearly 39% of these sites support non-RC4 even though they prefer RC4 – and for these, sites, IE11 substantially increases the security of the Web.
|Site Type||Number||Percentage||IE11’s Behavior|
|Total Sites in Sample||5,000,000||100%|
|Sites that currently use RC4 ciphers||2,127,500||42.55%|
|Sites that support non RC4 ciphers||1,932,500||38.65%||IE11 makes sites more secure by negotiating non-RC4 cipher|
|Sites that only work with RC4 ciphers||195,000||3.90%||IE11 ensures you can reach these sites by falling back to an RC4 cipher|
|Sites that currently do not use RC4 ciphers||2,872,500||57.45%||IE11 continues to negotiate non-RC4 ciphers with these sites|
For the rare cases where the browser cannot negotiate a non-RC4 cipher suite with the server, IE11 falls back to negotiating TLS 1.0 or SSL 3.0 with RC4 to ensure that you can still reach the sites you need. Microsoft is actively working with many of these sites to enable support for non-RC4 cipher suites.
Turning on TLS 1.2 by Default
IE11 further increases Web security by enabling TLS version 1.2 by default, building on IE’s leadership as the first browser to implement TLS 1.2 as an optional setting in IE8. You can access sites such as Outlook.com, Facebook, etc. using industry-leading security standards thereby keeping your personal information safe. TLS 1.2 increases security by supporting more advanced cryptographic suites. Most of the practical exploits that target TLS 1.0 and TLS 1.1 ciphers do not work on TLS 1.2 ciphers. For example, TLS 1.2 is not subject to the BEAST attack.
In IE11, you can take the advantage of added security in TLS 1.2 while getting the same performance provided with RC4 ciphers. TLS 1.2 provides new cipher suites that provide strong security and high performance. For example, the AES-GCM cipher suite is supported only on TLS 1.2 and performs just as well as RC4 ciphers. By enabling TLS 1.2 with AES-GCM, sites can provide strong security without introducing additional server load.
Tuning on TLS 1.2 out of the box in IE11 automatically increases the security level with nearly 16% of Web servers and this number should increase as additional servers and browsers begin to support and prefer TLS 1.2. Windows Server has supported TLS 1.2 since Windows Server 2008 R2 and we encourage servers to enable TLS 1.2 in IIS, which is a simple configuration change. Servers such as Apache also support TLS 1.2, and as the industry moves forward, other Web servers will support TLS 1.2 in the future as well. The change does not affect compatibility with existing servers, which down-negotiate TLS to the highest mutually-supported version. By default, IE11 supports TLS 1.2, TLS 1.1, TLS 1.0 and SSL 3.0.
IE11 makes 39% of Web sites more secure by discouraging the use of vulnerable RC4 based cipher suites and increases security on 16% of Web sites by negotiating TLS 1.2, the most secure version of TLS.
Try out IE11 to experience more secure browsing that uses the latest industry standards. We look forward to hearing your feedback via Connect, to help us move the industry forward and continue to enhance the browser.
Hasnat Naveed and Ritika Kapadia
Program Managers in Windows and Internet Explorer