Wireshark-dev: Re: [Wireshark-dev] performing cpu/time intensive computation in a protocol diss
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Richard van der Hoff <richardv@xxxxxxxxxxxxx>
Date: Thu, 07 Aug 2008 09:59:41 +0100
Paolo Abeni wrote:

2) Change the code to only identify the weak keys, but not use it
   to decrypt the SSL traffic (would this also be CPU intensive?)


Yes. It will take near exactly the same amount of time and computation
since, in current code, the larger amount of time is spent looping on
candidate weak keys.
Right. I'd been labouring under the misunderstanding that you could identify whether a key was weak without having to brute force it. Having looked at Paolo's patch a bit more, I now see that isn't true.
This certainly shouldn't be enabled by default - I don't want my wireshark to spend ages attempting to brute-force keys every time I happen to pick up a bit of SSL traffic.
You could leave the code in there, and have an 'identify weak keys' menu option. 

But at present I'm changing my vote to 1) Don't include the code at all.

Cheers

Richard


--
Richard van der Hoff <richardv@xxxxxxxxxxxxx>
Project Manager
Tel: +44 (0) 845 666 7778
http://www.mxtelecom.com