Due to the nature of SSL/TLS protocol you shouldn't be able to obtain
server's secret key in plain form.
During handshake, in client key exchange phase the premaster secret is sent,
from which both server and client encryption keys are derived. But premaster
secret is encrypted with public key of server, so only server with its
private key is (should) be able to decrypt it. You can sniff only encrypted
premaster secret, what is no advantage for you.
Julius Siska <[EMAIL PROTECTED]>
> So according to you, knowing just the secret key of the
> server wouldn't be
> sufficient to decrypt the data without using brute force?
>
> > -----Original Message-----
> > From: Bodo Moeller [SMTP:[EMAIL PROTECTED]]
> > Sent: Tuesday, June 15, 1999 5:46 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: advice needed
> >
> > On Tue, Jun 15, 1999 at 04:54:40PM +0200, Pierre De Boeck wrote:
> >
> > > I think your concept of SSL/TLS sniffer is not realistic
> > > in a general way, for the following reasons:
> > >
> > > - the packets transmitted between a client and a server have
> > submitted
> > > a set of "transformations" (fragmentation,
> compression(optional)+
> > > encryption(optional)+"MACed")
> > > - to recover the original payload, you must, among other things,
> > know
> > > - the compression alg/param used if any
> > > - the cipher alg.param used (e.g. RC2-CBC-40
> with a specific
> > IV)+
> > > the secret key
> > >
> > > That information is shared by the two parties but obviously not
> > transported
> > > in the packets.
> >
> > Of course it's not trivial to read the encrypted payload
> data, but the
> > algorithm identifiers are transmitted in clear; so the attacker can
> > tell which connections use only 40-bit encryption keys, and -- if
> > enough computing power can be put into this -- can do
> key-searches for
> > those and then decrypt them.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
