Ask Your Question
0

how to decrypt TLS v1.2 Diffie-Hellman

asked 2020-02-01 11:28:48 +0000

Egis gravatar image

Hi, I have IOT device running on openwrt and would like to sniff traffic between IOT device application which runs and sends traffic to Cloud. Application itself uses SSL certificates as I can see in /SSL folder there is 3 certificates like Cacert.pem, newcert.pem, newkey.pem I can see that application is using websocket: Sec-WebSocket-Key: ZSKgM............ WebSocket-Protocol: ldc Sec-WebSocket-Version: 13

Its possible to make decryption of traffic going towards cloud ?

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2020-02-01 14:09:02 +0000

grahamb gravatar image

If the device is using a DH key exchange then perfect forward secrecy will prevent decryption even with the private key.

You might be able to perform a MITM either by forcing an algorithm down-grade or by getting the root certificate of the MITM device accepted by the IoT device as a trusted root as is done by many "TSL inspecting" security appliances.

edit flag offensive delete link more

Comments

Problem that IOT device application uses own certificates with CA cert and if I replace with MITM root it cant access Cloud services -- error 403

Egis gravatar imageEgis ( 2020-02-03 05:10:27 +0000 )edit

Yes, as I said to do an MITM you need to get the IoT device to trust the MITM CA cert.

grahamb gravatar imagegrahamb ( 2020-02-03 13:24:08 +0000 )edit

I can change only by renaming MITM CA cert on IOT device as runing APP is using them. But it wont work as application has CA cert, cert.pm and certkey.pem......

Egis gravatar imageEgis ( 2020-02-03 13:34:32 +0000 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

subscribe to rss feed

Stats

Asked: 2020-02-01 11:28:48 +0000

Seen: 1,928 times

Last updated: Feb 01 '20

Related questions

Disable the Diffie-Hellman cipher in Windows 10

ssl decrypt

Decrypt ssl socket JSON-RPC: decrypt_ssl3_record: no decoder available

mitmproxy+wireshark: SSL decryption with sslkey

TLS/SSL - Should this be decryptable?

Unable to decrypt HTTPS TLSv1.2 traffic with wireshark (sha1WithRSAEncryption)

"SSL decode as" for more protocols

rdp decryption over ssl

Wireshark SSLKEYLOGFILE decryption not working

Capture on WiFi works for all but device I'm interested in

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2