This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Connect Direct Secure Plus decryption

0	Is it possible to decrypt Connect Direct Secure Plus with Wireshark? plus secure connect decryption direct asked 23 Apr '13, 15:51 Steve Fenter 11●3●3●4 accept rate: 0%

One Answer:

Although Connect Direct Secure Plus uses TLS, there is no decryption support for that protocol in Wireshark.

Apparently they use a variation of Diffie Hellman to establish a crypto key, which makes it impossible harder to decrypt the data stream, as there is no way to generate the required session key, unless either party (client or server) discloses that key.

From: http://www.commoncriteriaportal.org/files/epfiles/sterling-v37-sec-e.pdf

"STS is a Sterling Commerce, Inc. proprietary protocol that includes a variation of the basic Diffie-Hellman protocol"

Regards
Kurt

answered 24 Apr '13, 04:09

Kurt Knochner ♦
24.8k●10●39●237
accept rate: 15%