I have executed all the steps described in the following article: So, what works for RSA-based key exchanges, won't do for DHE-based ones.I need to decrypt the exchanged data ( TLSv1.2 packets with Diffie-Hellman key exchange) between two Web API on the same web server. This is exactly what Wireshark is doing when decoding a TLS stream for you. If an eavesdropping third party has the server's private key, it simply can decrypt the RSA ciphertext of the key exchange, get at the bulk cipher key and decrypt eveything else. This is different when solely relying on RSA for key exchange: in this operation mode, the bulk cipher key to be used is generated by the client, RSA-encrypted with the server's public key and sent to the server. In other words, with (EC)DHE, the AES key used for encryption and decryption cannot be retrieved from the TLS ciphertext conversation, not even if you have the server's private key. And there is something special about the Diffie-Hellman key exchange used in ECDHE_RSA:ĭHE_RSA offers something known as Perfect Forward Secrecy, a pompous name for the following property: if your server gets thoroughly hacked, to the point that the attacker obtains a copy of the server private key, then he will also be able to decrypt past TLS sessions (which he recorded) if these sessions used RSA, while he will not be able to do so if these sessions used DHE_RSA. The key exchange algorithm is specifying how keys for the bulk encryption/decryption cipher are exchanged.
Let's look at the entire ciphersuite specification TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 in detail:
0 kommentar(er)
