
how to decrypt TLS v1.2 Diffie-Hellman

Hi, I have an IoT device running on OpenWrt and would like to sniff the traffic between the IoT device application and the cloud it sends traffic to. The application itself uses SSL certificates; in the /SSL folder there are 3 certificates: Cacert.pem, newcert.pem and newkey.pem. I can see that the application is using WebSocket: Sec-WebSocket-Key: ZSKgM............ WebSocket-Protocol: ldc Sec-WebSocket-Version: 13

Is it possible to decrypt the traffic going towards the cloud?

Egis
asked 2020-02-01 11:28:48 +0000

1 Answer


If the device is using a DH key exchange then perfect forward secrecy will prevent decryption even with the private key.

You might be able to perform a MITM either by forcing an algorithm downgrade or by getting the root certificate of the MITM device accepted by the IoT device as a trusted root, as is done by many "TLS inspecting" security appliances.

grahamb
answered 2020-02-01 14:09:02 +0000

Comments

The problem is that the IoT device application uses its own certificates with a CA cert, and if I replace them with the MITM root it can't access the cloud services -- error 403

Egis (2020-02-03 05:10:27 +0000)

Yes, as I said, to do a MITM you need to get the IoT device to trust the MITM CA cert.

grahamb (2020-02-03 13:24:08 +0000)

I can only change it by renaming the MITM CA cert on the IoT device, as the running app is using them. But it won't work, as the application has the CA cert, cert.pm and certkey.pem......

Egis (2020-02-03 13:34:32 +0000)
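Added example, not from this thread or from Wireshark: a small Python parser that reads a TLS 1.2 ServerHello record and reports whether the negotiated cipher suite uses (EC)DHE, which is the forward-secrecy property the answer refers to; only with a plain RSA key-exchange suite would the server's private key alone be enough to decrypt a capture. The ServerHello bytes are constructed inline, and the cipher-suite table is a hypothetical subset of the IANA registry.

```python
import struct

# Subset of IANA cipher-suite values; the key exchange is the part before "_WITH_".
CIPHER_SUITES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    0x009E: "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC02B: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
}

def parse_server_hello(record: bytes) -> dict:
    """Parse one TLS record holding a ServerHello; decide if a static key suffices."""
    content_type, _rec_ver, rec_len = struct.unpack("!BHH", record[:5])
    if content_type != 22:                      # 22 = Handshake
        raise ValueError("not a handshake record")
    hs = record[5:5 + rec_len]
    if hs[0] != 2:                              # 2 = ServerHello
        raise ValueError("not a ServerHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    version = struct.unpack("!H", body[:2])[0]  # 0x0303 = TLS 1.2
    sid_len = body[34]                          # after 2-byte version + 32-byte random
    pos = 35 + sid_len
    suite = struct.unpack("!H", body[pos:pos + 2])[0]
    name = CIPHER_SUITES.get(suite)
    if name is None:                            # unknown suite: don't guess
        return {"version": hex(version), "cipher_suite": hex(suite),
                "key_exchange": None, "decryptable_with_server_key": None}
    kx = name.split("_WITH_")[0][len("TLS_"):]  # e.g. "ECDHE_RSA"
    return {"version": hex(version), "cipher_suite": name, "key_exchange": kx,
            # (EC)DHE suites give forward secrecy: the server key only signs and
            # never protects the session secret, so the key alone cannot decrypt.
            "decryptable_with_server_key": "DHE" not in kx}

def build_server_hello(suite: int) -> bytes:
    """Constructed sample: minimal TLS 1.2 ServerHello (zero random, no extensions)."""
    body = b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!H", suite) + b"\x00"
    hs = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(hs)) + hs

if __name__ == "__main__":
    for suite in (0x002F, 0xC02F):
        print(parse_server_hello(build_server_hello(suite)))
```

On a real capture, feed it the bytes of the first handshake record sent by the server; Wireshark shows the same suite in the ServerHello's Cipher Suite field.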
