by sneak 4742 days ago
If you have the key from the server, and it's not using a cipher suite that supports forward secrecy, then you do not need to actively MITM to decrypt the traffic. All you need is the long term key and the intercepts. You can then decrypt the session key from the initial connection setup.

This is why the DHE/EDH modes exist. They use DH to agree on a session key, then use the long-term key just to ensure the DH agreement hasn't been actively MITM'd. The session key is never transmitted or permanently stored, so once the connection cache expires, nobody can decrypt retroactively, not even the parties to the conversation.
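The two handshakes sneak contrasts, modelled as an added example that is not part of the comment or of any TLS implementation. It uses textbook RSA and finite-field DH at toy sizes with nothing beyond the Python standard library; the group parameters, the SHA-256 key derivation, the transcript layout and the names (rsa_handshake, dhe_handshake, eavesdropper) are all assumptions made for the illustration. A passive attacker who later obtains the server's long-term private key recovers the session key from a recorded RSA-key-transport handshake, gets nothing from a recorded DHE handshake, and is caught by the signature check if it tries to swap the server's DH share in transit.

```python
"""Toy model of RSA key transport versus ephemeral DH (DHE) signed by the server's
long-term RSA key. Textbook RSA and finite-field DH at toy sizes, stdlib only; an
illustration of the forward-secrecy property, not a usable TLS implementation."""
import hashlib
import secrets

def is_probable_prime(n, rounds=32):   # Miller-Rabin, adequate for a demo
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def rsa_keygen(bits=512):
    """Server's long-term key: (n, e) public, (n, d) private."""
    e = 65537                  # prime, so gcd(e, phi) == 1 whenever e does not divide phi
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))

def dh_params(bits=256):
    """Safe prime p = 2q + 1 with generator 2 (toy-sized, assumed; not a standard group)."""
    while True:
        q = random_prime(bits - 1)
        if is_probable_prime(2 * q + 1):
            return 2 * q + 1, 2

def i2b(x):
    return x.to_bytes((x.bit_length() + 7) // 8, "big")
def rsa_sign(priv, msg):       # textbook RSA over SHA-256, no padding; demo only
    return pow(int.from_bytes(hashlib.sha256(msg).digest(), "big"), priv[1], priv[0])
def rsa_verify(pub, msg, sig):
    return pow(sig, pub[1], pub[0]) == int.from_bytes(hashlib.sha256(msg).digest(), "big")
def derive_key(secret, cn, sn):   # stands in for the TLS PRF / HKDF (assumed construction)
    return hashlib.sha256(b"session" + secret + cn + sn).digest()

def rsa_handshake(pub, priv):
    """RSA key transport: the client encrypts a fresh premaster secret to the
    server's long-term public key. Returns (client_key, server_key, transcript)."""
    cn, sn, premaster = (secrets.token_bytes(32) for _ in range(3))
    enc = pow(int.from_bytes(premaster, "big"), pub[1], pub[0])          # client side
    client_key = derive_key(premaster, cn, sn)
    recovered = pow(enc, priv[1], priv[0]).to_bytes(32, "big")           # server side
    return client_key, derive_key(recovered, cn, sn), {"cn": cn, "sn": sn, "enc_premaster": enc}

def dhe_handshake(pub, priv, params, mitm_share=None):
    """DHE: a fresh DH share per connection, signed with the long-term key only to
    authenticate it. mitm_share simulates an active attacker swapping the server's share."""
    p, g = params
    cn, sn = secrets.token_bytes(32), secrets.token_bytes(32)
    x = secrets.randbelow(p - 3) + 2                                     # server ephemeral
    gx = pow(g, x, p)
    sig = rsa_sign(priv, cn + sn + i2b(gx))
    seen = gx if mitm_share is None else mitm_share
    if not rsa_verify(pub, cn + sn + i2b(seen), sig):                    # client side
        raise ValueError("server key share fails signature check")
    y = secrets.randbelow(p - 3) + 2                                     # client ephemeral
    gy = pow(g, y, p)
    client_key = derive_key(i2b(pow(seen, y, p)), cn, sn)
    server_key = derive_key(i2b(pow(gy, x, p)), cn, sn)
    return client_key, server_key, {"cn": cn, "sn": sn, "gx": gx, "gy": gy, "sig": sig}

def eavesdropper(t, priv):
    """Passive attacker with a recording plus the server's long-term private key:
    returns the session key where that key suffices to recover it, else None."""
    if "enc_premaster" in t:
        premaster = pow(t["enc_premaster"], priv[1], priv[0]).to_bytes(32, "big")
        return derive_key(premaster, t["cn"], t["sn"])
    return None   # DHE: g^x and g^y were recorded but no exponent; the key only checks the sig

def demo():
    pub, priv = rsa_keygen()
    params, out = dh_params(), {"dhe_active_mitm_detected": False}
    ck, sk, t = rsa_handshake(pub, priv)
    out["rsa_keys_agree"], out["rsa_recorded_session_recovered"] = ck == sk, eavesdropper(t, priv) == sk
    ck, sk, t = dhe_handshake(pub, priv, params)
    out["dhe_keys_agree"], out["dhe_recorded_session_recovered"] = ck == sk, eavesdropper(t, priv) == sk
    try:                                   # active MITM substitutes its own share g^3
        dhe_handshake(pub, priv, params, mitm_share=pow(params[1], 3, params[0]))
    except ValueError:
        out["dhe_active_mitm_detected"] = True
    return out

if __name__ == "__main__":
    print(demo())
```

Running it prints a dict in which both handshakes agree on a key, the RSA-transport session is recovered from the recording, the DHE session is not, and the swapped DHE share is rejected. The DHE transcript holds g^x and g^y in the clear; the private RSA key lets the attacker verify or forge the signature over them, which is exactly the active attack the signature is there to stop, but it does not yield either exponent, so the recorded session stays undecryptable after the ephemeral values are discarded.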