Question about tls1.2 using rsa and dhe

[jxr98]

Hi everyone. The website is really helpful for me to understand every single message of tls. Since the key exhance process on the website uses ECDHE. Is there any resource which uses rsa or dhe that I can refer to? Thanks you so much for providing this wonderful work.

[syncsynchalt]

I don't know of any in-depth documentation an RSA or non-EC DHE exchange, but they probably exist out there. If you'd like to do a deep investigation of such a key exchange at the protocol level, the steps I would take would be:

1. Capture such a connection using tcpdump or Wireshark, while also capturing the SSL key log from that connection (see SSLKEYLOGFILE for hints on how to get a keylog, it depends on the software making the connection).
2. View the packet capture in Wireshark. If you give Wireshark the SSL keylog, it will give a byte-by-byte breakdown of the connection, including the key exchange bits.
3. Look into how RSA or DH works and match that understanding against the bytes seen in the capture, until they make sense.

I will warn that RSA is becoming increasingly obsolete as it uses long keys and has problems with forward secrecy. The practical problem with learning RSA is it's becoming difficult to force software to even attempt an RSA key exchange (I couldn't easily find the correct flags to openssl s_client to make it happen).

[jxr98]

Thanks for your explanation.