SSL Protocol Analysis
SSL Protocol Analysis
Objective: The objective of this worksheet is to analyze the SSL protocol by capturing the
packets using Wireshark tool while visiting any SSL secured website (banking, e-commerce
etc.). Audience is expected to be familiar with the basic usage of Wireshark and the
theoretical concepts of SSL. The standardized version of SSL is TLS which is tracked through
IETF RFC-5246. Most SSL secured website use TLS.
Platform: The content shown below is taken from Wireshark 1.12.6 running on Windows-
8.1 operating system. This is expected to be similar or with minimum differences across
different operating systems and Wireshark software releases.
Observations Steps:
(1) Identify a secure server which uses TLS for secure transactions. It appears with a green
padlock in the URL window of the browser. Some of the websites may appear with a grey
padlock. There is not much practical difference except these websites do not use extended
validation certificates. For this worksheet, a website which comes up with a green padlock is
recommended.
(2) For this worksheet, hsbc.co.in website of HSBC bank is selected. It comes up with a green
padlock when personal internet banking log on is pressed from its main page.
Green
Padlock
(3) Identify the IP address of the website running commands like ping or tracert from
command prompt (windows run -> cmd). The IP address for HSBC personal banking logon is
203.112.92.107 as retrieved below. This IP address will be used to identify the TLS server in
the Wireshark captured packets.
TLS Server
IP Address
(4) Identify the IP address of your PC/laptop from where you are accessing this web server
using ipconfig command from command prompt (or, ifconfig from the Linux terminal). The
IP address of this experimental laptop is 192.168.1.2 as retrieved below. This IP address will
be used to identify the TLS client in the Wireshark captured packets.
TLS Client
IP Address
(5) Your client IP address may change depending on from where you are accessing the
Internet from time to time (location - office or home, Internet Service Provider - Airtel, Tata
or Reliance etc.). The server IP address may also keep changing with time. It is not in your
control.
(6) Start packet capturing using Wireshark (review Wireshark Starter worksheet as a pre-
requisite). Access the personal log-on of hsbc.co.in through your browser. When green
padlock appears, stop capturing the packets on Wireshark. Now for the analysis purpose the
task of the browser is completed. The analysis will take place using Wireshark tool only.
Important Note:
I. You may stop capturing the packets little later also, but it will only increase the count of
total captured packets. The TLS protocol runs and completes is job as soon as green
padlock appears (can you find out the time from Wireshark?) After that, it is only
encrypted and authenticated data which goes over the TLS. We are not interested in
that. We want to only analyse the TLS protocol messages.
II. It is advisable to close all other TCP/IP sessions (e.g. e-mail, multiple browser windows
etc) on your PC/laptop Internet interface when you are capturing the above TLS packets.
It will unnecessary capture a lot of IP packets.
Filter
(8) The filter is set like as shown below in somewhat like C/C++ syntax. Why?
ssl && ((ip.src == 192.168.1.2 && ip.dst ==203.112.92.107) || (ip.dst == 192.168.1.2 &&
ip.src ==203.112.92.107))
This selects that source and destination should be either TLS client or server and protocols
should be ssl. Wireshark keyword for TLS is SSL. Running this filter show only relevant
packets on the display screen.
(9) Filters can also be saved from Wireshark Edit -> Preferences -> Filter Expressions for
recurrent future usage. For more details go through the Building Filter Expressions
Wireshark user guide pages.
(10) Now let us start analyzing the TLS protocol from the captured packets. The first
message from TLS client to TLS server (source to destination) is Client Hello as shown below
from the packet list view:
(11) When selecting this packet the packet detail display shows the following:
(12) Review the TLS Record Protocol packet structure from the lecture slides. It looks like
below:
Now from the captured Client Hello packet, map the above TLS Record Protocol fields:
Content Type = 22 (that indicates that it is Handshake Protocol being carried over record
protocol)
Major and Minor Version = 0x0301 (Value for TLS 1.0)
Length = 198 bytes
These values can be seen in packet bytes view in the lowest part of the display. Each byte is
in hexadecimal. E.g. bringing the cursor over the version field, it highlights the two bytes of
the version in the packet bytes display below.
(13) Expand the packet of Client Hello message, pressing the + button on the left side of it.
(15) Review from the lectures slide the structure of Handshake protocol. It looks like as
shown below:
Now from the expanded view, map the above Handshake Protocol fields:
(16) There may be few extension fields following Compression Method as recommended by
RFC-5246. We are not going to explore them in this worksheet.
(17) Now let us review the Server Hello packet details as shown below and make the
following observation:
The second
Session ID cipher suite
assigned selected from
the client list.
(18) After this phase-1 of handshake protocol, in phase-2, server sends Certificate message.
Fields of the Certificate message are shown below:
Now from the expanded view, map the above Handshake Protocol fields:
(19) You may also notice that in phase-2, there are no more messages from the server. In
many cases, server does not request client's certificate.
(20) Now handshake protocol enters into the phase-3 and phase-4. The following messages
are sent from the client to the server:
Now from the above expanded view, observer the following messages and their fields:
Length = 258
RSA Encrypted Pre Master Secret (because server selected RSA based Cipher Suite)
III. Encrypted Handshake Message: Can you guess what it is? It is the first encrypted
message from the client that is finished. The content part of it will be a digest that
includes all the messages (except finished) sent by the client in handshake protocol
as shown below:
(21) Now the Change Cipher Spec and encrypted finished messages come from the server
end and it completes all the four phases of SSL/TLS handshake protocol.
(22) Following above, all encrypted application data will be exchanged across client and
server. If there are any alert messages, they will be also encrypted and shown as "Encrypted
Alert" in the info filed of Wireshark.
Exercise: Explore time formats of Wireshark and identify how long it took to complete the
TLS handshake protocol to perform its job.