TLS Decryption

The Decrypt TLS Traffic profile setting allows users to decrypt TLS traffic within a capture file. TLS traffic can only be decrypted if the user has access either to the appropriate RSA key, or a client keylog file.

Note that RSA keys must be imported and shared by admin users. See the section on RSA key management in the Admin Guide for more information on adding and managing keys.

Client Keylog File

The client keylog data can be pasted into CloudShark and used for TLS decryption. Additionally the upload API method supports uploading a keylog file when a capture file is uploaded.

Web browsers like Firefox and Chrome are able to save keys used when visiting websites by generating a keylog. The openssl and curl command-line clients are also able to generate a keylog. All of these applications check for an environment variable SSLKEYLOGFILE set to the location of a text file. Once set these applications will write the key data to the log file specified.

RSA Server Keys

An RSA key can be dragged from the box of Available Keys to the Active RSA Keys box. Multiple unique decryption rules can be defined for each capture. Once a valid decryption rule has been configured and applied, the TLS traffic for that rule will be automatically decrypted and visible in the decode window.

Following TLS streams

Once an TLS session has been decrypted, CloudShark provides a tool for following TLS streams. This tool can be used to provide the familiar follow stream view for decrypted TLS streams. The Follow TLS analysis tool menu option will be active for captures that have TLS decryption rules applied.

Potential Problems

Sometimes TLS decryption may now work as expected. Here are some reasons why TLS traffic may not be decrypted.

Diffie-Hellman

You can not use decryption if a Diffie-Hellman based cipher is in use. Look at the TLS exchange and look for the Server Hello message. This will normally report the chosen cipher. If it contains a DH, then Diffie-Hellman is in use and the decryption using the TLS server key will not work. For example view the following capture using the filter expression tls.handshake.type == 2.

TLS With Diffie-Hellman

One potential work around is to reconfigure your server to exclude Diffie-Hellman based Ciphers.

TLS Session Reuse

You can not use decryption if your TLS session was reused and the full TLS handshake is not in your capture. If you are having trouble with TLS decryption and suspect TLS Session Reuse try using the following filter expression:

!tls.handshake.session_ticket || tls.handshake.session_id_length == 0

If any packets match this filter expression it is likely that the TLS was used during this capture and the full handshake may not have been captured.

Here are a couple of example captures to show the difference between the full TLS handshake, and one where an TLS session was reused.

• TLS Capture With Full Handshake

• TLS Capture With Session Reuse

Here is also an article which describes TLS session reuse and includes a diagram to explain the handshake in both cases.

Possible workarounds to avoid TLS session reuse include configuring your server to disable TLS session reuse or clearing any TLS caches created by the client before capturing TLS traffic.