Press J to jump to the feed. Press question mark to learn the rest of the keyboard shortcuts

How to see if Diffie-Helman Key Exchange is being used in SSL/TLS

As I understand, all SSL/TLS communications establishes using either DH key exchange or RSA keys. Within a wireshark capture, how would I see whether or not DH or RSA is being used? All it shows me is SSL key exchange.

87% Upvoted
What are your thoughts? Log in or Sign uplog insign up
level 1
F5 GTM/LTM57 points3 months ago

Within the Server Hello under "Secure Sockets Layer' there will be a field called: Cipher Suite: - That field will tell you the handshake method used. If you see ECDHE or DHE in there you can tell it's some DH exchange method.

level 2
Original Poster12 points3 months ago

Thank you!!!!

level 3
15 pieces of flair 馃挬9 points3 months ago

If you want perfect forward secrecy, make sure to use one of the suites that is ephemeral. DHE or ECDHE. That will give you the forward secrecy.

EDIT: fixed some words

level 2
15 pieces of flair 馃挬3 points3 months ago

I knew you were an F5 person before I saw your flare. Gotta know that TLS handshake. 馃榾

level 2
2 points3 months ago

People like you simultaneously frighten and impress me. Nice work!

level 1

Look for 鈥渟erverkeyexchage鈥

Community Details





###Enterprise Networking Routers, switches and firewalls. Network blogs, news and network management articles. Cisco, Juniper, Brocade and more all welcome.

Create Post
r/networking Rules
Rule #1: No Home Networking.
Rule #2: No Certification Brain Dumps / Cheating.
Rule #3: No BlogSpam / Traffic re-direction.
Rule #4: No Low Quality Posts.
Rule #5: No Early Career Advice.
Rule #6: Educational Questions must show effort.
Cookies help us deliver our Services. By using our Services or clicking I agree, you agree to our use of cookies.Learn More.