Page 1 of 1

question about SSL

PostPosted: Fri Jan 30, 2009 12:36 am
by ratcateme
right what i was thinking is when you packet sniff some SSL packets in wireshark say HTTPS packets you cannot view them it needs the server ssl key thing right.
but what i dont understand is say that wireshark had all the packets then surely in the setup the server had to tell the client how it was going to encode data and how the client should encode data to send back.
and with that knowledge surely wireshark could decipher the transfer to plain text?
i guess i am missing something here could someone fill me in please?

Scott.

Re: question about SSL

PostPosted: Fri Jan 30, 2009 6:02 pm
by sidebottom
That's the beauty of public key encryption! The whole idea is that you create two keys, a public one that you give out to others and a private one that you keep secret to yourself. Anyone can encrypt data your public key but cannot decrypt it without the private key.

So basically, in SSL you grab the servers public key from them, ask a trusted 3rd party (a certificate authority like Verisign) if that key really belongs to the server who gave it to you and then you encrypt a symmetric cipher key with it. You then send the encrypted key to the server (in theory, the only one that can decrypt it). Now you securely share a symmetric key with the server.

Check out http://en.wikipedia.org/wiki/RSA for more information.

Re: question about SSL

PostPosted: Sat Feb 07, 2009 3:42 am
by ratcateme
thanks man i had read some wikipedia stuff on it but never really understood that article helped a lot thanks

Scott.