Ask Your Question
0

how to decrypt TLS v1.2 Diffie-Hellman

asked 2020-02-01 11:28:48 +0000

Egis gravatar image

Hi, I have IOT device running on openwrt and would like to sniff traffic between IOT device application which runs and sends traffic to Cloud. Application itself uses SSL certificates as I can see in /SSL folder there is 3 certificates like Cacert.pem, newcert.pem, newkey.pem I can see that application is using websocket: Sec-WebSocket-Key: ZSKgM............ WebSocket-Protocol: ldc Sec-WebSocket-Version: 13

Its possible to make decryption of traffic going towards cloud ?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2020-02-01 14:09:02 +0000

grahamb gravatar image

If the device is using a DH key exchange then perfect forward secrecy will prevent decryption even with the private key.

You might be able to perform a MITM either by forcing an algorithm down-grade or by getting the root certificate of the MITM device accepted by the IoT device as a trusted root as is done by many "TSL inspecting" security appliances.

edit flag offensive delete link more

Comments

Problem that IOT device application uses own certificates with CA cert and if I replace with MITM root it cant access Cloud services -- error 403

Egis gravatar imageEgis ( 2020-02-03 05:10:27 +0000 )edit

Yes, as I said to do an MITM you need to get the IoT device to trust the MITM CA cert.

grahamb gravatar imagegrahamb ( 2020-02-03 13:24:08 +0000 )edit

I can change only by renaming MITM CA cert on IOT device as runing APP is using them. But it wont work as application has CA cert, cert.pm and certkey.pem......

Egis gravatar imageEgis ( 2020-02-03 13:34:32 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2020-02-01 11:28:48 +0000

Seen: 2,284 times

Last updated: Feb 01 '20