On Thu, Feb 21, 2008 at 04:38:14PM +0100, Joerg Mayer wrote:
> On Thu, Feb 21, 2008 at 12:21:42PM +0100, Sake Blok wrote:
> > > then i did some gooleing to find intresting stuff about ephemeral keys
> > > cannot be decrypted.
> > > please let me know if TLS_DHE_RSA_WITH_AES_256_CBC_SHA ( AES 256 bit
> > > Encryption ) can be decrypted using wireshark/tshark.
> >
> > Unfortunately by the nature of the Diffie Hellman (DH) key exchange
> > it is not possible to decode any cipher that uses DH to setup
> > the keys. So the cipher you are using can not be decrypted
> > by Wireshark (the _DHE_ in the cipher indicates a DH key exchange).
> >
> > If you are able to restrict your cipherlist, you can force
> > ssl to use a cipher that *can* be decrypted by Wireshark.
>
> Or you need to provide the DH-keys and enhance Wireshark to use them (or
> find someone to do that).
I was under the impression that these DH-keys within SSL randomly created
when the ssl-session is being setup? In which case providig them to
Wireshark is not possible...
Cheers,
Sake