This is a static archive of our old Q&A Site. Please post any new questions and answers at

How does Wireshark decrypt SSL/TLS with only ClientRandom



I am trying to decrypt a https connection on my machine with java.
For that reason I have a system variable set so that Firefox puts the ClientRandom into a txt file. Now when I open a capture with Wireshark and give it access to the txt file with the ClientRandom, it can decrypt the whole sslstream.
I am now wondering how Wireshark does it. After reading some pages explaining how SSL/TLS works (explaining RFC of TLS) I wonder how to get the Pre-master-secret, since I don't know the private exponent d from the server.
I can see in Wireshark that I send the encrypted PreMaster in the Client Key Exchange, Change Cipher Spec, Finished package. But to decrypt this I would need the private exponent d from the server, wouldn't I?

Any help is very much appreciated.
Kind Regards

asked 18 Feb '16, 06:59

monkey521's gravatar image

accept rate: 0%

One Answer:


With just the Random from the Client Hello message you cannot decrypt anything. The SSL keylog format (as originally created by Mozilla for the NSS library) stores both the Client Random and the master secret. Wireshark will then try to map the Client Hello to a master secret which can then be used for decryption.

Since the master-secret is available, the RSA-encrypted pre-master secret does not have to be decrypted. See also slides 6-9 from this presentation on SSL decryption using Wireshark for the relation between various parameters.

answered 18 Feb '16, 09:51

Lekensteyn's gravatar image

accept rate: 30%

Ok, thank you. In the txt file it says ClientRandom in front of the line but as you stated there seems to be the CR and MS, because with only one line in the file i can decrypt the whole traffic in Wireshark.

(19 Feb '16, 05:23) monkey521