Re: question about bug 3303

[kolos_ws () ural2 hu]

Hi Sake,

> [..]
>
> > Just out of interest, will Wireshark support the decryption of sessions
> > that used DH to negotiate keys?
>
> Since DH uses keys that are generated on the fly, Wireshark would need 
> some keying material from either the client or the server for those 
> sessions to make it possible. There is some work in Chrome/Firefox to be 
> able to log that session information and an enhancement request for 
> Wireshark to import it. However, you would need to have a custom 
> compiled version of Chrome/Firefox to be able to decrypt DH based SSL 
> sessions.
>
> In short, yes, there will be more possibilities in the future, but not a 
> general solution to be able to decrypt any SSL session that uses DH.

Hm. If this is the case, if I were a businessman, sooner or later I'd 
completely disable all non-DH based SSL cipher suites in my product and 
sell it with saying that it's so secure (as this is the reason for using 
SSL in the first place) that even packet captures can't be decrypted from 
it. In other words, based on what you've just explained do you think that 
SSL decryption will be long supported functionality of Wireshark or will 
it diminish in the future?

I'm just thinking theoretically here.

All the best,

Kolos
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe