Join Log in
Score:1
Arthur Timmermans avatar Crypto

TLS 1.3 key_share capture without certificate exchange

sz flag
Arthur Timmermans

I am working on an investigation on TLS 1.3. I've came across an article of qacafe where they shared a TLS 1.3 handshake sequence. Wireshark capture. In this capture you see that in the Client Hello a key_share is being send where it is "guessing" which cypher suite to use. This saves some bytes. by not having to send the whole list. However I don't see any certificate exchange in this capture.

Does someone know why the certificate exchange is missing here? An reason could be the pre_shared_key method of TLS 1.3, however I don't see that extension being used in the Client Hello. Does someone have an explanation for this?

30
0 + 3
Maarten Bodewes avatar
in flag
Maarten Bodewes
That's simple, the certificate exchange is performed after key establishment. However, TLS 1.3 has been designed in such a way that packets are encrypted as soon as the master secret and the session keys have been calculated. This includes the header packets. You'll need the master secret to be able to decrypt the header packets. Alternatively you can obtain them using a client that is able to dump the certificate chain send by the server (such as `sclient`).
1
Reply
Maarten Bodewes avatar
in flag
Maarten Bodewes
Certificate specific questions are often better asked on [security.se] or [su]. Please be aware that it is very likely that this question has been asked before.
0
Reply
SAI Peregrinus avatar
si flag
SAI Peregrinus
https://tls13.xargs.org/ is an excellent explanation of every step in a TLS 1.3 connection. Observe that the Server Certificate is sent *after* encryption starts, with a temporary symmetric key. After the Application Keys Calc step(s), the symmetric key for encrypting the remaining messages has been calculated and gets used.
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.