Wireshark · Wireshark-dev: [Wireshark-dev] Issue with decrypting renegotiation handshake

Wireshark-dev: [Wireshark-dev] Issue with decrypting renegotiation handshake

Date: Fri, 23 Sep 2016 18:50:26 +0530

Hi,

wireshark is not able to decrypt Renegotiation Handshake if the cipher used is of type ECDHE/DHE

(ephemeral diffe hellman)

we have used the (Pre)-Master-Secret log filename option

this is the format of the above log filename

CLIENT_RANDOM 0c6b1d700b7a8636a3a90d4a29f2503422ee4ed74bac577eeba2c398492a70a0 8b690ee58c10a23d892d9a591ac98ce95c6e3b8df4fa95505a87368caf73e91ed1bc5e3d27fd8cfbfcaad2689447e425
CLIENT_RANDOM 203ce15b76e06e32fcb34e7856c07da95e08ee53f1d3b4fe25136254dbaf1ef4 eadd8b89504e2c2b6ad91479f1c30addc701ded96a6e8abef3a6e8d872f435fae096a81d556bee65a812860364e2bc60

where,
first CLIENT_RANDOM is of Initial Handshake

second CLIENT_RANDOM is of Reneg Handshake

--Anil

Follow-Ups:
- Re: [Wireshark-dev] Issue with decrypting renegotiation handshake
  - From: Alexis La Goutte
- Re: [Wireshark-dev] Issue with decrypting renegotiation handshake
  - From: Peter Wu

Prev by Date: Re: [Wireshark-dev] Sources of 61850 wireshark 1.99.0 skunkworks version
Next by Date: Re: [Wireshark-dev] Issue with decrypting renegotiation handshake
Previous by thread: Re: [Wireshark-dev] Sources of 61850 wireshark 1.99.0 skunkworks version
Next by thread: Re: [Wireshark-dev] Issue with decrypting renegotiation handshake
Index(es):
- Date
- Thread