Decryption help for Cisco SSL VPN on UC500 Series (1600827)

Closed Posted Feb 15, 2011 Paid on delivery
Closed Paid on delivery

We are a call recording company attempting to record calls between a Cisco UC-560 and SPA525G phones.

We need someone who has experience decrypting SSL and preferably Cisco SSL implementations. Although we have many Cisco certifications and have exported the keys from the device, we have not yet succeeded.

Your task would be to help us determine how to successfully decrypt the VPN traffic. You can do this by either telling us directly, providing us with guidance and tools to diagnose the decryption failure (is it due to incorrect keys, wrong algorithm?), telling us the differences we would find between standard SSL and Cisco SSL implementations or providing a program that can do the decryption for us (note that the project description below about code requirements, documentation, etc apply ONLY if you are proposing to provide us with code to do the decryption.

In your response you should describe both your qualifications and what you would do to help us succeed in the decryption.

## Deliverables

We are a call recording company attempting to record calls on a customer using an SSL VPN between a Cisco UC-560 and SPA525G phones.

To date we have been unable to successfully decrypt this network, although we have attempted to export the keys (we exported the default rsa keypair with the "crypto key export" commands) from the UC_560 and use the SSL decrytpion function in Wireshark with this keypair.

This project is then to do one or more of the following:

1) Tell us the specific steps required to decrypt this network. If you know the answer, tell us and we will pay after successful decryption;

2) Provide us with or point us to tools - either open source or low cost or that you have available - to diagnose the decryption failure. These tools must be able to distinguish between a failure based on the wrong key, some deviation in the SSL protocol or other potential failure in the decryption process.

3) Decrypt the data yourself and supply us with code to do the decryption.

4) Provide other steps that will lead to successful decryption of the network.

In your response, tell us what your qualifications are and how you would help us accomplish our goal. (Note that language about code and implementation only applies if you are proposing to write an application for us; we have staff who can do coding if needed.)

Please note: We need someone who has experience decrypting this kind of situation. Please respond only if you have specific experience decrypting Cisco SSL VPN networks. We already have qualified personnel who understand Cisco very well generally (see our engineer's certifications below), so you should have very specific experience with decryption.

Our staff certifications:

CCNA

CCNA Voice

Cisco Lifecycle Services for Advanced UC

UCAD

CCIE-RS

CCIE-Security-350-018

CCNP Voice

Engineering Microsoft Project Management Software Architecture Software Testing System Admin Windows Desktop

Project ID: #3106133

About the project

Remote project Active Mar 8, 2011