The key-pair of your certificate is only used for authentication, eg you can in addition sign your public value.Īfter an (E)DH key agreement, there are always exatly two parties posessing the resulting key. You're authenticated at this very moment, different certificates with different public keys won't work, DH would produce different keys for the two parties.įor EDH, your secret is a random value that you only need as long as the handshake takes. The peer will decrypt this with the public key of your certificate. This private key you need differs for DH and EDH.įor DH, your secret is the private key of the certificate that you use. If you have that key you can just use it as exponent for the public value of the other party(B).
Sure, but you need the private key used in that exchange from at least one of the partys(say, A). The blog you cite says they can break DH. What does this mean for decryption using Wireshark, etc.? Thank you. Ephemeral DH exchanges public DH values signed with RSA or DSA keys. Fixed or static DH exchanges public DH values using digital certs. Anonymous DH doesn't require either side to authenticate each other. Maybe some of you crypto gurus can comment on their blog post - is it possible to decrypt traffic if the cipher suite is TLS_DH_RSA_WITH_AES_256_CBC_SHA (0x0037) instead of TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)? The cited perfect forward secrecy article says Diffie-Hellman provides PFS but isn't clear on the differences between plain DH and DHE (ephemeral).įrom what I read in Cryptography Decrypted, SSL/TLS uses Diffie-Hellman to create a shared pre-master secret key and six shared secret keys.
TLSv1 Record Layer: Handshake Protocol: Server Hello You could use syntax like this with Tshark:
0 kommentar(er)
