On Wed, Sep 17, 2008 at 04:48:50PM -0700, Ryerse, Mike (DIS) wrote:
>
> I am thinking though, since the browser is able to decrypt the message
> without using the server's private key, shouldn't this theoretically
> also be possible with wireshark somehow?
Well, if that would be the case, there would be a real big problem ;-)
The purpose of SSL is to keep things secured. The flaw is your
reasoning is this: The client uses the public key from the server
certificate to encrypt the so called "pre-master-key". This key
is created by the client and then sent encrypted to the server.
Only the server has the private key and so it can decrypt it. Both
the client and the server then use this pre-master-key, combined
with other exchanged (in the clear) data to create all the necessary
keys for the ssl-session. That's why supplying the private key of
the server makes it possible for wireshark to do decryption.
At least, that's the situation with the RSA key exchange, when
Diffie Hellman is used in the key exchange, then the client and
server create key-pairs on the fly to exchange the "pre-master-key"
and therefor Wireshark will not be able to decrypt the session, as
it has no access to those temporary keys.
> Anyway, thanks for all your help. Learned a lot today :)
Your welcome. Would it be possible for you to send the private key
of this test-setup so I can add this ssl-session with renegotiaton
to my collection of traces? Or maybe it would be nice to have
the trace and key on the wiki for others to use as an example too?
Cheers,
Sake
