Wireshark-dev: Re: [Wireshark-dev] help needed regarding decrypting the ssl

From: Paolo Abeni <paolo.abeni@xxxxxxxx>
Date: Fri, 01 Aug 2008 16:13:14 +0200
hello,

On Fri, 2008-08-01 at 02:28 -0700, prashanth joshi wrote:
> The definition of the TLS says that the client sends it randon number
> during client hello and the server sends its random number during the
> server hello. However in Diffie-Hellman algorithm the client keeps its
> random number secret and the server keeps its random number secret. Is
> there any way to decrypt the ssl?
> is it possible?

AFAIK, It does not exists a general solution to break DH key-exchange.

However for some broken ssl implementation:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0166

it's possible to brute-force the DH random secret.

Said attack is implemented by the following wireshark patch:

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2725

cheers,

Paolo

 
 
 --
 Email.it, the professional e-mail, gratis per te: http://www.email.it/f
 
 Sponsor:
 Gioca con i Supereroi Marvel sul cellulare!
 Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=7752&d=1-8