Wireshark · Wireshark-users: Re: [Wireshark-users] Does wireshark decode TLS_DHE_RSA_WITH_AES_256_CBC

Wireshark-users: Re: [Wireshark-users] Does wireshark decode TLS_DHE_RSA_WITH_AES_256_CBC_SHA usi

From: Sake Blok <sake@xxxxxxxxxx>

Date: Thu, 21 Feb 2008 12:21:42 +0100

On Thu, Feb 21, 2008 at 04:19:55PM +0530, vishal arya wrote:
> Did everything by the book ,still  tshark/wireshark fail to show may 
> contents on the payload data.
> then i did some gooleing to find intresting stuff about ephemeral keys 
> cannot be decrypted.
> please let me know if TLS_DHE_RSA_WITH_AES_256_CBC_SHA ( AES 256 bit 
> Encryption ) can be decrypted using wireshark/tshark.

Unfortunately by the nature of the Diffie Hellman (DH) key exchange
it is not possible to decode any cipher that uses DH to setup 
the keys. So the cipher you are using can not be decrypted
by Wireshark (the _DHE_ in the cipher indicates a DH key exchange).

If you are able to restrict your cipherlist, you can force
ssl to use a cipher that *can* be decrypted by Wireshark.

Hope this helps,
Cheers,
     Sake

Follow-Ups:
- Re: [Wireshark-users] Does wireshark decode TLS_DHE_RSA_WITH_AES_256_CBC_SHA using server key
  - From: Joerg Mayer

References:
- [Wireshark-users] Does wireshark decode TLS_DHE_RSA_WITH_AES_256_CBC_SHA using server key
  - From: vishal arya

Prev by Date: [Wireshark-users] Does wireshark decode TLS_DHE_RSA_WITH_AES_256_CBC_SHA using server key
Next by Date: Re: [Wireshark-users] Does wireshark decode TLS_DHE_RSA_WITH_AES_256_CBC_SHA using server key
Previous by thread: [Wireshark-users] Does wireshark decode TLS_DHE_RSA_WITH_AES_256_CBC_SHA using server key
Next by thread: Re: [Wireshark-users] Does wireshark decode TLS_DHE_RSA_WITH_AES_256_CBC_SHA using server key
Index(es):
- Date
- Thread