Suppose I have a non-DHE-based TLS session stored in a Wireshark or Netmon trace. What is required to decrypt this data?
For RSA or DH (not DHE) cipher suites, you just need the server private key, of type RSA or DH, respectively (DH certificates are exceedingly rare).

For DHE cipher suites, you would need the dynamically generated Diffie-Hellman private key. This key is never stored anywhere, and that is by design. Correspondingly, you cannot decrypt the data afterwards. This is called Perfect Forward Secrecy.

For the TLS cipher suite with a pre-shared secret: raw PSK cipher suites can be decrypted with knowledge of the shared secret; RSA_PSK suites need knowledge of both the shared secret and the RSA private key; DHE_PSK suites provide perfect forward secrecy.

SRP cipher suites also provide perfect forward secrecy. There again, this is by design: if knowledge of the password sufficed to decrypt a recorded connection, then this would allow offline dictionary attacks, precisely what SRP is meant to thwart.
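An added example, not part of the original answer: it reads the negotiated cipher suite out of a captured ServerHello record and reports which long-term secrets, per the rules in the answer above, would decrypt the recording. The function names are hypothetical, the ServerHello bytes are constructed, and the suite IDs are a small subset of the IANA registry chosen to cover each key exchange the answer mentions.

```python
import struct

# Subset of IANA cipher suite IDs, one per key exchange the answer covers.
SUITES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0031: "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    0x008C: "TLS_PSK_WITH_AES_128_CBC_SHA",
    0x0090: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA",
    0x0094: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA",
    0xC01D: "TLS_SRP_SHA_WITH_AES_128_CBC_SHA",
}
# Key exchange -> long-term secrets that decrypt a recording ([] = forward secret).
NEEDED = {
    "RSA": ["server RSA private key"], "DH": ["server DH private key"],
    "PSK": ["pre-shared secret"], "DHE": [], "DHE_PSK": [], "SRP": [],
    "RSA_PSK": ["pre-shared secret", "server RSA private key"],
}

def negotiated_suite(record: bytes) -> int:
    """Cipher suite ID from a TLS 1.0-1.2 ServerHello record."""
    # 47 = record hdr 5 + handshake hdr 4 + version 2 + random 32 + 1 + 2 + 1
    if len(record) < 47 or record[0] != 22 or record[5] != 2:
        raise ValueError("not a ServerHello handshake record")
    pos = 5 + 4 + 2 + 32           # skip headers, server_version, random
    pos += 1 + record[pos]         # session_id length byte and session_id
    if pos + 2 > len(record):
        raise ValueError("truncated ServerHello")
    return struct.unpack("!H", record[pos:pos + 2])[0]

def key_exchange(name: str) -> str:
    kx = name[len("TLS_"):].split("_WITH_")[0]     # "DHE_RSA", "SRP_SHA", ...
    # Longest prefixes first so DHE is not mistaken for DH, RSA_PSK for RSA.
    for prefix in ("RSA_PSK", "DHE_PSK", "DHE", "DH", "RSA", "PSK", "SRP"):
        if kx == prefix or kx.startswith(prefix + "_"):
            return prefix
    raise ValueError("key exchange not covered: " + kx)

def secrets_needed(record: bytes):
    """(suite name, secrets that decrypt the recording); [] means none can."""
    name = SUITES[negotiated_suite(record)]
    return name, NEEDED[key_exchange(name)]

def sample_server_hello(suite_id: int) -> bytes:
    """Constructed TLS 1.2 ServerHello (zero random, empty session_id)."""
    hello = b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!HB", suite_id, 0)
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake
```

Calling `secrets_needed(sample_server_hello(0x0033))` returns the DHE_RSA suite name with an empty list, meaning no stored key will decrypt that recording.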
To decrypt SSL data in Wireshark
One way to view the contents of an HTTPS session is to use Fiddler as a local proxy. Just be sure to launch the tool, open Options, and enable SSL monitoring (this will add one root cert and many additional certificates to your trusted store). Although this doesn't directly answer the question of how to decrypt a captured TLS session, it may be of use to some people.