Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Wireshark-dev: Re: [Wireshark-dev] help needed regarding decrypting the ssl

Date Index Thread Index Other Months All Mailing Lists

Date Prev Date Next Thread Prev Thread Next

From: Paolo Abeni <paolo.abeni@xxxxxxxx>
Date: Fri, 01 Aug 2008 16:13:14 +0200

hello,

On Fri, 2008-08-01 at 02:28 -0700, prashanth joshi wrote:
> The definition of the TLS says that the client sends it randon number
> during client hello and the server sends its random number during the
> server hello. However in Diffie-Hellman algorithm the client keeps its
> random number secret and the server keeps its random number secret. Is
> there any way to decrypt the ssl?
> is it possible?

AFAIK, It does not exists a general solution to break DH key-exchange.

However for some broken ssl implementation:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0166

it's possible to brute-force the DH random secret.

Said attack is implemented by the following wireshark patch:

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2725

cheers,

Paolo

 --
 Email.it, the professional e-mail, gratis per te: http://www.email.it/f

 Sponsor:
 Gioca con i Supereroi Marvel sul cellulare!
 Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=7752&d=1-8

References:
- [Wireshark-dev] help needed regarding decrypting the ssl
  - From: prashanth joshi

Prev by Date: [Wireshark-dev] buildbot failure in Wireshark (development) on OSX-10.5-x86
Next by Date: Re: [Wireshark-dev] Conversation and TCP reassembly
Previous by thread: [Wireshark-dev] help needed regarding decrypting the ssl
Next by thread: [Wireshark-dev] buildbot failure in Wireshark (development) on OSX-10.5-x86
Index(es):
- Date
- Thread