← Week 2: TLS 1.3 Handshake

Day 14: Challenge Day — Annotated Wireshark Capture

Phase 1 · May 27, 2026 · Week 2 Review

Agenda (2–3 hours)

  • Review (30 min): Week 2 concepts from memory (no notes)
  • Capture (30 min): Set up decryptable TLS 1.3 session
  • Annotate (90 min): Walk through every message and field

No new reading. The deliverable is a thoroughly annotated capture.

Week 2 Concepts Check

Answer from memory before you start:

  1. What is the downgrade sentinel in the TLS 1.3 server random?
  2. When does a server send HelloRetryRequest?
  3. What does CertificateVerify sign, and why does the context string matter?
  4. What is resumption_master_secret used for?
  5. What is the difference between PSK-only and PSK-DHE?
  6. Why is 0-RTT dangerous for non-idempotent operations?

If you're uncertain on any of these, spend 20 minutes reviewing before capturing.

Capture Setup

# Export TLS keys for Wireshark (curl and browsers honour this variable)
export SSLKEYLOGFILE=/tmp/phase1_day14_keys.log

# Capture interface traffic. The connection below leaves the host, so capture
# on all interfaces: -i lo only sees loopback traffic and would miss it.
sudo tshark -i any -w /tmp/phase1_day14.pcapng &
sleep 2   # give tshark a moment to start before the handshake happens

# Make a TLS connection (or use curl, which reads SSLKEYLOGFILE)
openssl s_client -keylogfile /tmp/phase1_day14_keys.log \
  -connect example.com:443 < /dev/null

# Stop capture
sudo kill %1

Load the pcapng into Wireshark and point the (Pre)-Master-Secret log filename setting (Edit → Preferences → Protocols → TLS) at /tmp/phase1_day14_keys.log; the handshake records after ServerHello then show up decrypted.

Annotation Requirements

For your capture, label every handshake message with:

  1. ClientHello: record the cipher suites offered, the key_share groups, and whether the early_data extension is present
  2. ServerHello: cipher suite selected, key_share group, negotiated version
  3. EncryptedExtensions: any ALPN or other extensions
  4. Certificate: how many certs in the chain, subject of each
  5. CertificateVerify: signature algorithm used
  6. Finished (server): note that it's encrypted with server_hs_traffic_key
  7. Finished (client): note the traffic key transition after this
  8. NewSessionTicket: ticket lifetime
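Extracting these labels by hand from the packet details pane is slow, so the following added Python example (not part of the course materials and not a Wireshark tool) builds a `tshark -T fields` command over the decrypted capture and parses its tab-separated output into one annotation per handshake message: which side sent it, whether it is encrypted, which traffic secret protects it, and the negotiated parameters the checklist asks for. It assumes the Wireshark TLS dissector field names listed in `FIELDS`, a server port of 443 as in the capture step, and runs here on a constructed sample of tshark output rather than a real capture.

```python
"""Annotate a decrypted TLS 1.3 handshake from `tshark -T fields` output (added example)."""

SERVER_PORT = 443  # assumption: the port from the -connect line of the capture step

# Wireshark TLS dissector field names this parser relies on (assumption: names as in
# current Wireshark). tshark joins multi-valued fields with commas by default.
FIELDS = [
    "frame.number",
    "tcp.dstport",                                 # == SERVER_PORT means client -> server
    "tls.handshake.type",
    "tls.handshake.ciphersuite",
    "tls.handshake.extensions_key_share_group",
    "tls.handshake.extensions.supported_version",
    "tls.handshake.extensions_alpn_str",
    "tls.handshake.sig_hash_alg",
    "tls.handshake.session_ticket_lifetime_hint",
]

HS_NAME = {1: "ClientHello", 2: "ServerHello", 4: "NewSessionTicket",
           8: "EncryptedExtensions", 11: "Certificate", 13: "CertificateRequest",
           15: "CertificateVerify", 20: "Finished"}


def tshark_command(pcap, keylog):
    """argv for the tshark run whose output parse_handshake() expects."""
    cmd = ["tshark", "-r", pcap, "-o", f"tls.keylog_file:{keylog}",
           "-Y", "tls.handshake.type", "-T", "fields", "-E", "separator=/t"]
    for field in FIELDS:
        cmd += ["-e", field]
    return cmd


def protecting_key(htype, from_client):
    """Which secret protects a handshake message (RFC 8446 section 7.1 key schedule)."""
    if htype in (1, 2):               # ClientHello / ServerHello travel in the clear
        return "plaintext"
    if htype == 4:                    # NewSessionTicket is post-handshake: application keys
        return "server_application_traffic_secret_0"
    return ("client" if from_client else "server") + "_handshake_traffic_secret"


def parse_handshake(text, server_port=SERVER_PORT):
    """Return one annotation dict per handshake message, in capture order."""
    out = []
    for line in text.splitlines():
        if not line.strip():
            continue
        cols = line.split("\t")
        cols += [""] * (len(FIELDS) - len(cols))   # tolerate dropped trailing empties
        rec = dict(zip(FIELDS, cols))
        from_client = rec["tcp.dstport"] == str(server_port)
        for t in filter(None, rec["tls.handshake.type"].split(",")):
            htype = int(t)
            encrypted = htype not in (1, 2)
            ann = {"frame": int(rec["frame.number"]),
                   "message": HS_NAME.get(htype, f"type{htype}"),
                   "from_client": from_client,
                   "encrypted": encrypted,
                   # TLS 1.3 hides encrypted handshake records inside application_data (23)
                   "record_type": "application_data (23) wrapping handshake (22)" if encrypted
                                  else "handshake (22)",
                   "key": protecting_key(htype, from_client)}
            if htype in (1, 2):
                ann["cipher_suites"] = rec["tls.handshake.ciphersuite"]
                ann["key_share_groups"] = rec["tls.handshake.extensions_key_share_group"]
                ann["versions"] = rec["tls.handshake.extensions.supported_version"]
            if htype in (1, 8) and rec["tls.handshake.extensions_alpn_str"]:
                ann["alpn"] = rec["tls.handshake.extensions_alpn_str"]
            if htype == 15:
                ann["sig_alg"] = rec["tls.handshake.sig_hash_alg"]
            if htype == 4:
                ann["ticket_lifetime"] = rec["tls.handshake.session_ticket_lifetime_hint"].split(",")[0]
            out.append(ann)
    return out


def key_transitions(anns):
    """Frame numbers at which each side's handshake and application keys take effect."""
    tr = {}
    for a in anns:
        side = "client" if a["from_client"] else "server"
        if a["key"].endswith("_handshake_traffic_secret"):
            tr.setdefault(f"{side}_hs_traffic_key_first_frame", a["frame"])
        if a["message"] == "Finished":     # each side moves to app keys after its own Finished
            tr[f"{side}_app_traffic_key_after_frame"] = a["frame"]
    return tr


def negotiated(anns):
    """The parameters the Day 14 deliverable must state."""
    n = {}
    for a in anns:
        if a["message"] == "ServerHello":
            n.update(cipher_suite=a["cipher_suites"], group=a["key_share_groups"], version=a["versions"])
        elif a["message"] == "EncryptedExtensions" and "alpn" in a:
            n["alpn"] = a["alpn"]
        elif a["message"] == "CertificateVerify":
            n["sig_alg"] = a["sig_alg"]
        elif a["message"] == "NewSessionTicket":
            n.setdefault("ticket_lifetime", a["ticket_lifetime"])
    return n


# Constructed sample of the tshark output for a curl-style session to port 443
# (not a real capture; hex values as Wireshark prints them).
SAMPLE = "\n".join([
    "12\t443\t1\t0x1301,0x1302,0x1303\t29,23\t0x0304,0x0303\th2,http/1.1\t0x0403,0x0804\t",
    "14\t51234\t2\t0x1301\t29\t0x0304\t\t\t",
    "16\t51234\t8,11,15,20\t\t\t\th2\t0x0804\t",
    "18\t443\t20\t\t\t\t\t\t",
    "20\t51234\t4,4\t\t\t\t\t\t7200,7200",
])
```

Run `subprocess.run(tshark_command("/tmp/phase1_day14.pcapng", "/tmp/phase1_day14_keys.log"), capture_output=True, text=True).stdout` through `parse_handshake` on your own capture; `key_transitions` gives the frames for item 6 and 7 of the list (the server handshake key is first used one frame after ServerHello, the client key at the client Finished), and `negotiated` collects items 2, 3, 5 and 8 in one place. Certificate chain subjects are not extracted here; read those from the Certificate message in the packet details pane.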

Challenge Assignment

Produce an annotated diagram or annotated screenshot of your decrypted capture showing:

  1. Each handshake message with its ContentType and whether it's encrypted
  2. The key transitions: when hs_traffic_key activates, when app_traffic_key activates
  3. The exact cipher suite and group negotiated
  4. The full certificate chain: subject → issuer chain up to root

Bonus: In the key log file, identify CLIENT_HANDSHAKE_TRAFFIC_SECRET and SERVER_HANDSHAKE_TRAFFIC_SECRET. Cross-reference them with the Wireshark dissection to confirm they're used for the right records.
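For the bonus, the following added Python example (not part of the course materials, and not an OpenSSL or Wireshark tool) parses the key log file and cross-references it with the capture. It assumes the NSS key log format that `openssl s_client -keylogfile` and `SSLKEYLOGFILE` produce (one `LABEL client_random secret` line per secret, hex-encoded), and that you pull the ClientHello random out of the capture with `tshark -r /tmp/phase1_day14.pcapng -Y "tls.handshake.type == 1" -T fields -e tls.handshake.random`. The key log and random used below are constructed placeholders, not a real session.

```python
"""Parse an SSLKEYLOGFILE and cross-reference it with the capture's ClientHello random (added example)."""
import re

# What each TLS 1.3 label in the key log protects (RFC 8446 key schedule).
TLS13_LABELS = {
    "CLIENT_EARLY_TRAFFIC_SECRET": "0-RTT early data",
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET": "client Finished (plus client Certificate/CertificateVerify if requested)",
    "SERVER_HANDSHAKE_TRAFFIC_SECRET": "EncryptedExtensions through server Finished",
    "CLIENT_TRAFFIC_SECRET_0": "client application data",
    "SERVER_TRAFFIC_SECRET_0": "server application data and NewSessionTicket",
    "EXPORTER_SECRET": "key exporters only, never records",
}

# Secret length equals the suite's hash length: SHA-256 -> 32 bytes, SHA-384 -> 48.
SECRET_LEN = {"0x1301": 32, "0x1302": 48, "0x1303": 32}

# One key-log line: LABEL <32-byte client random, hex> <secret, hex>
_LINE = re.compile(r"^([A-Z0-9_]+)\s+([0-9a-fA-F]{64})\s+([0-9a-fA-F]+)\s*$")


def parse_keylog(text):
    """{client_random_hex: {label: secret_hex}}; blank lines and '#' comments are skipped."""
    sessions = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = _LINE.match(line)
        if not m:
            raise ValueError(f"unrecognised key log line: {line!r}")
        label, rand, secret = m.groups()
        sessions.setdefault(rand.lower(), {})[label] = secret.lower()
    return sessions


def normalise_random(value):
    """tls.handshake.random as tshark prints it (with or without ':') -> plain lowercase hex."""
    return value.replace(":", "").strip().lower()


def handshake_secrets(sessions, client_random):
    """The two handshake traffic secrets the bonus asks you to locate (None if absent)."""
    s = sessions.get(normalise_random(client_random), {})
    return {k: s.get(k) for k in ("CLIENT_HANDSHAKE_TRAFFIC_SECRET",
                                  "SERVER_HANDSHAKE_TRAFFIC_SECRET")}


def cross_reference(sessions, client_random, cipher_suite):
    """For the session matching the ClientHello random: what each secret protects and
    whether its length is right for the negotiated suite. None if no session matches."""
    s = sessions.get(normalise_random(client_random))
    if s is None:
        return None
    want = SECRET_LEN.get(cipher_suite)
    return {label: {"protects": TLS13_LABELS.get(label, "unknown label"),
                    "length_ok": want is not None and len(secret) == 2 * want}
            for label, secret in s.items()}


# Constructed sample (not a real session): one TLS 1.3 handshake with a
# SHA-256 suite and placeholder secrets of the right length.
_RAND = "ab" * 32
SAMPLE_KEYLOG = "\n".join([
    "# constructed sample key log",
    f"SERVER_HANDSHAKE_TRAFFIC_SECRET {_RAND} {'11' * 32}",
    f"CLIENT_HANDSHAKE_TRAFFIC_SECRET {_RAND} {'22' * 32}",
    f"EXPORTER_SECRET {_RAND} {'33' * 32}",
    f"CLIENT_TRAFFIC_SECRET_0 {_RAND} {'44' * 32}",
    f"SERVER_TRAFFIC_SECRET_0 {_RAND} {'55' * 32}",
])
# The same random in the colon-separated form tshark may print for a bytes field (constructed).
SAMPLE_RANDOM = ":".join(["ab"] * 32)
```

Because every label is keyed by the ClientHello random, a key log that accumulated several sessions (a browser run, or a curl retry) still resolves to the one capture you are annotating; the length check catches a key log that belongs to a different suite than the ServerHello says, which is the usual reason Wireshark shows the post-ServerHello records as undecrypted Application Data.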

Resources

  • Wireshark TLS wiki: decrypting TLS with SSLKEYLOGFILE
  • RFC 8446 §2 figure (for reference while annotating)
  • Your notes from Days 8–13