This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to view the encrypted key during ssl key exchange?

1

I am trying to view the excrypted key during ssl key exchange process. But I am not able to view the encrypted keys. Surely it must be possible to view the keys ni their encrypted form, but how?

asked 19 Apr '12, 23:45

Ashwin's gravatar image

Ashwin
31337
accept rate: 0%


2 Answers:

1

If all is well, you should see a "ClientKeyExchange" SSL handshake message. If you are using a DH cipher, you should also see a "ServerKeyExchange" SSL handshake message.

If you don't see those, you might not have the right protocol preferences. FIrst of all, check in the TCP protocol preferences that you have "Allow subdissector to reassembly TCP streams" enabled. Then check in the SSL protocol preferences if all reassembly options are enabled.

BTW, I assume you are seeing your SSL conversations dissected as SSL...

answered 20 Apr '12, 03:50

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

@SYN-bit ♦♦ : I don't see the "server key exchange" BUT I see the "ClientKeyExchange". But there is not encrypted key in that packet.

(20 Apr '12, 04:12) Ashwin
1

Until recently the dissection of the ClientKeyExchange was like this:

TLSv1 Record Layer: Handshake Protocol: Client Key Exchange
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 134
    Handshake Protocol: Client Key Exchange
        Handshake Type: Client Key Exchange (16)
        Length: 130
(20 Apr '12, 04:35) SYN-bit ♦♦
1

In version 1.8 it will be like this:

TLSv1 Record Layer: Handshake Protocol: Client Key Exchange
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 134
    Handshake Protocol: Client Key Exchange
        Handshake Type: Client Key Exchange (16)
        Length: 130
        RSA Encrypted PreMaster Secret
            Encrypted PreMaster length: 128
            Encrypted PreMaster: 761b1beac35e59de9a3bb9f74ebf9109b738e8ad346
(20 Apr '12, 04:36) SYN-bit ♦♦
1

So if you might want to download an automated build from: http://www.wireshark.org/download/automated/

(20 Apr '12, 04:37) SYN-bit ♦♦

@SYN-bit ♦♦ : That explains it. I am geting the version 1.6 output. But why is that so? Doesn't 1.6 capture the encrypted master key at all?

(20 Apr '12, 21:13) Ashwin

@SYN-bit ♦♦ : The link contains only version 1.7.2 .I downloaded that. But it shows the same output as version 1.6(Cannot view the encrypted pre-master key).

(20 Apr '12, 21:28) Ashwin

1.8 will be the next release, which will come out in a month or two. The enhanced KeyExchange dissecting is added in SVN 40748 on Jan 28:

r40748 | etxrab | 2012-01-28 16:50:59 +0100 (za, 28 jan 2012) | 4 lines

From Michael: Enhance SSL Key Exchange dissection.

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6716

So, any version downloaded from the automated build section should have the enhanced dissection.

Can you post your tracefile to www.cloudshark.org and post the link here so I can check?

(21 Apr '12, 03:41) SYN-bit ♦♦

@SYN-bit ♦♦ : My mistake. You are right it works. It shows the dissected key exchange packet. But is dissecting so complicated that, it was not inclluded in version 1.6. What is the reason why it was not included in version 1.6. I am asking this because version 1.6 is abl to dissect application data. Then what is the problem with dissecting key exchange.

(22 Apr '12, 22:12) Ashwin
1

Well, my guess is that the initial writer of the SSL dissector did not find the info in the KeyExchange messages very interesting, so the code to dissect it was not written until recently someone did find the interest to dissect the KeyExchanges.

(23 Apr '12, 01:53) SYN-bit ♦♦
showing 5 of 9 show 4 more comments

2

Unlike the simple PKI-based encryption process which uses a symmetric key which is transmitted along with the document, encrypted with the recipients public key, SSL/TLS encryption uses a more complicated process.

Instead of one participant making up a symmetric key and sending in encrypted form in a packet the handshake process will implement an algorithm by which the two ends agree on a "master secret" which is then used by both ends to independently construct the same symmetric session key. Parts of the pre-master secret are sent encrypted, but never the entire symmetric key. The exact details will vary depending on whether SSLv2, SSLv3 or TLS is used and will also vary basedd on the encryption suite which client and server agree upon.

Wireshark can calculate the same symmetric key if it sees both sides of the handshake and knows the private key of the server certificate.

answered 20 Apr '12, 01:19

inetdog's gravatar image

inetdog
16717
accept rate: 14%

@inetdog : I don't expect to see the symmetric key. I just wish to see the encrypted symmetric key. I think that wireshark can do, but how?

(20 Apr '12, 02:15) Ashwin

The encrypted symmetric key is never transmitted over the wire. It is just constructed independently at both ends based on other encrypted information exchanged during the handshake. So wireshark cannot show you the encrypted session key.

As a result the best wireshark can show you without knowing the server private key is the encrypted information which was used to create the session key.

(20 Apr '12, 02:22) inetdog

@inetdog But I am not able to see that also. How to see "Parts of encrypted master key"?

(20 Apr '12, 03:29) Ashwin

@inetdog What does your name mean? Asking just out of curiosity? No offence meant

(20 Apr '12, 03:33) suraj

@inetdog : One more update. after the user SYN-bit answered, I checked my packets, there is no server key exchange. Only client key exchange is there. So I think, the client is directly sending the encrypted key. Now I want ot view the "encrypted key". But on opening the client key exchange packet, there is no field showing the encrypted key. what is the problem?

(20 Apr '12, 04:21) Ashwin

@Ashwin: "On the Internet, nobody knows you're a dog." Google it. No offense taken! Depending on the type of key used in the server certificate (DH or RSA), the ciphersuite selected, and whether the protocol is SSL or TLS, the number and type of messages in the handshake will differ, as SYN-bit implied.

(20 Apr '12, 11:51) inetdog

@inetdog : that question about "inetdog" was asked by @suraj

(20 Apr '12, 22:17) Ashwin
showing 5 of 7 show 2 more comments