This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

TLS public key decryption?

0

I have a trace including handshake for TLS between two servers using SIPS. I cannot decode because wireshark wants private keys? Why would wireshark want private keys? Why wouldn't the public keys work. I have both public keys from each server and cannot get it to work because wireshark will not accept the public key.

Listen most organizations are not going to give you their private key, in fact everything I have read says never give out your private key. So why would wireshark request your private key.

This is an integration between two pcs telecom gear and the TLS does work; Each side shares their public key and it works. So if these two devices can decode each others TLS with their respective public keys why can't Wireshark?

Am I missing something fundamental here?

asked 30 Jan '12, 10:24

David%20Messel's gravatar image

David Messel
1111
accept rate: 0%


One Answer:

0

The short answer:

The way that Public Key Encryption works is as follows:

A sender encrypts a message using the receiver's public key.

The receiver then uses the receiver's private key to decrypt the message.

So: to be able to decrypt a message the private key is needed.

See any description of Public Key encryption for further details....

answered 30 Jan '12, 10:34

Bill%20Meier's gravatar image

Bill Meier ♦♦
3.2k1850
accept rate: 17%

thanks I new I had to have something fundamental; screwed up in my thinking.

(30 Jan '12, 10:52) David Messel