How does SSL inbound decryption work exactly?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How does SSL inbound decryption work exactly?

L3 Networker

I am not looking for a guide on how to configure it, there are plenty. What I want to know is how SSL inbound decryption works from an architectural point of view. In the docs it says that once you loaded the webserver's certificate onto the PAN device and enable inbound decryption, the traffic between client and server remains untouched. How is this done? Is the PAN working like a reverse proxy, e.g. the client connection is actually terminated on the PAN firewall and not the webserver behind it?

1 accepted solution

Accepted Solutions

Isnt Diffie-Hellman supposed to block such eavesdropping even if the attacker has the private key of the server?

The inbound decryption is like if you take a tcpdump of the traffic into a pcap file and load that into wireshark while you give the private key to the wireshark aswell. Unless DH is being used the wireshark will be able to decrypt the traffic. Same goes with PA which then can apply IPS filtering, logging etc on the decrypted traffic and if something bad is found it can block the session.

As already mentioned the client will have its ssl session straight to the server (and by that also be able to use client certs etc) - compared to when ssl-proxy is being used in PA which will have one ssl session between client and PA and another ssl session between PA and server (ssl-proxy wont work with client certs).

View solution in original post

7 REPLIES 7

L6 Presenter

Hello Cryptochrome,

Its very intelligent question.

Topology:

Server-------PAN------Internet----Client

Digital certificate exported from Server is Imported on PAN, which means PAN and server have same certificate.

Client generate connection with Server, now PAN can intercept each and every packet. PAN has digital certificate of Servers, so it can read everything which server can.

Let me know if you need more information on this.

Isnt Diffie-Hellman supposed to block such eavesdropping even if the attacker has the private key of the server?

The inbound decryption is like if you take a tcpdump of the traffic into a pcap file and load that into wireshark while you give the private key to the wireshark aswell. Unless DH is being used the wireshark will be able to decrypt the traffic. Same goes with PA which then can apply IPS filtering, logging etc on the decrypted traffic and if something bad is found it can block the session.

As already mentioned the client will have its ssl session straight to the server (and by that also be able to use client certs etc) - compared to when ssl-proxy is being used in PA which will have one ssl session between client and PA and another ssl session between PA and server (ssl-proxy wont work with client certs).

L4 Transporter

in fact between client and server only one session key is used.

and the private key have yo be present on the firewall that allow it to decrypt packets on the flow and the firewall decide to forward packet base on security profile that authorise the traffic

no decryption and reencryption on the fly but only decryption!

L3 Networker

Thanks all. Makes sense. Interesting point about Diffie-Hellman though! Smiley Happy

Its often said that when using Diffie-Hellman for the sessionkey exchange the attacker must have access to the RAM contents in order to break that (well sort of 🙂

Anyone with a bit more knowledge of DH which could confirm my assumption that ssl inbound decryption wont work if the server uses DH?

you right

A DH key exchange is by design resistant to eavesdropping, although can be susceptible to a man-in-the-middle attack unless both parties identify themselves with certificates. It’s also, as we’ve seen, not universally supported by common SSL clients. But at least it rules out the possibility of some wiseguy with Wireshark sticking his fins where they’re not wanted!

but When you create your RSA key you need to precise the cipher that use the DH and it not used as default.

From -

No decrypt where diffie hellman is used in the key establishment, so I think you are right.

  • 1 accepted solution
  • 4832 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!