4

Suppose I have a non-DHE-based TLS session stored in a Wireshark or Netmon trace. What is required to decrypt this data?

  • Is the private key of the certificate all that would be needed?
  • What tools enable this decryption?

Going a step further, what is needed to decrypt a DHE based TLS session?

makerofthings7
  • 50,090
  • 54
  • 250
  • 536
  • "Is the private key of the certificate all that would be needed?" Yes. "what is needed to decrypt a DHE based TLS session" the private DH key of either side, or the shared secret resulting from the DH exchange. – CodesInChaos Nov 29 '12 at 17:41
  • @CodesInChaos I'm trying to do this now with a non DHE session but I can't figure out whats needed – makerofthings7 Nov 29 '12 at 17:43
  • Regarding the "step further", this thread should be consulted: [Decrypting TLS in Wireshark when using DHE_RSA ciphersuites](http://security.stackexchange.com/q/35639/32746). – WhiteWinterWolf Jan 12 '16 at 10:26

3 Answers3

9

For RSA or DH (not DHE) cipher suites, you just need the server private key, of type RSA or DH, respectively (DH certificates are exceedingly rare).

For DHE cipher suites, you would need the dynamically generated Diffie-Hellman private key. This key is never stored anywhere, and that is by design. Correspondingly, you cannot decrypt the data afterwards. This is called Perfect Forward Secrecy.

For the TLS cipher suite with a pre-shared secret: raw PSK cipher suites can be decrypted with knowledge of the shared secret; RSA_PSK suites need knowledge of both the shared secret and the RSA private key; DHE_PSK suites provide perfect forward secrecy.

SRP cipher suites also provide perfect forward secrecy. There again, this is by design: if knowledge of the password sufficed to decrypt a recorded connection, then this would allow offline dictionary attacks, precisely what SRP is meant to thwart.

Community
  • 1
Thomas Pornin
  • 320,799
  • 57
  • 780
  • 949
2

To decrypt SSL data in Wireshark

  1. Click Edit : Preferences
  2. Expand Protocols : Select SSL
  3. Edit the "RSA Keys List" with the path names and password as appropriate
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
0

One way to view the contents of a HTTPS session is to use Fiddler as a local proxy. Just be sure to launch the tool, and open options and enable SSL monitoring (this will add one root cert and many additional certificates to your trusted store)

Although this doesn't directly answer the question on how to decrypt a captured TLS session, it may be of use to some people.

makerofthings7
  • 50,090
  • 54
  • 250
  • 536