You may be aware about the SSL/TLS decryptionÂ features of Unsniff (see article here on how to do it )
This past weekend we received an email asking whether there were plans for Unsniff to support decryption of TLS using the DHE-RSA-AES256-SHA cipher suite. We also find this same question repeated on many security forums. I thought this deserves a blog entry.
The letters “DHE” in a cipher suite name means that the Diffie Hellman Ephemeral mode is being used for key exchange. Contrast with plain or static “DH” (example DH_RSA_WITH_DES_CBC_SHA ). Unsniff might support static DH because the diffie hellman parameters can be found in the server certificate.
Unsniff has no plans to support ephemeral DH because it is impossible.
Ephemeral DH is used to provide Perfect Forward Secrecy to a TLS connection. This means that even if you have obtained the server private key via admin help, theft, or court order – you cannot decrypt past captured traffic.Â The server key is of no use because it is only used to sign the DH parameters in the “Server Key Exchange” message in TLS. To decrypt DH-ephemeral in the way Unsniff (and other tools like Wireshark) do would be akin to breaking DH. That is not possible.
Is thereÂ really no way ?
I think there is only one way. If you can change the source code of the server (apache, etc) to write out the DH params to a log file for each sessionÂ – we may be able to use that to compute the master secret and therefore decrypt the TLS session.