Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] help needed regarding decrypting the ssl

From: prashanth joshi <prashanthsjoshi2000@xxxxxxxxx>
Date: Fri, 1 Aug 2008 02:28:20 -0700 (PDT)
Hi all,
I need to work on decrypting the ssl.
I am not aupposed to use the Man in the middle attack. I need to implement the ssl decrypter on a machine that acts as a sniffer.
I can have the information from the server as the requirement is for a server internal to the company
The server certificate contains the public key and private key, both we can know if the certificates are self signed. However this information itself may not be sufficient to decrypt the ssl. Because the Diffie-Hellman key exchange algorithm generates the prime numbers for the client and the server which are not sent out and are kept secret.
The definition of the TLS says that the client sends it randon number during client hello and the server sends its random number during the server hello. However in Diffie-Hellman algorithm the client keeps its random number secret and the server keeps its random number secret. Is there any way to decrypt the ssl?
is it possible?

Regards,
Prashanth

Diffie-Hellman key exchange