How can you distinguish between ECDHE and RSA key exchange in a TLS handshake?


Multiple Choice

Explanation:
The key difference lies in how the session's secret is established during the handshake. In RSA key exchange, the client generates the premaster secret and sends it to the server encrypted under the server's public RSA key inside the ClientKeyExchange message; no separate ephemeral key material is exchanged. With ECDHE, by contrast, the server sends ephemeral elliptic-curve Diffie-Hellman parameters in a ServerKeyExchange message (the named curve and the server's public point) and signs them with the key from its certificate; both sides then derive the shared secret from the Diffie-Hellman exchange. So, in a capture, you distinguish them by inspecting the handshake messages: a ServerKeyExchange carrying ECParameters and a signature means ECDHE; no ServerKeyExchange and only a ClientKeyExchange carrying the encrypted premaster secret means RSA. Wireshark also shows the cipher suite negotiated in the ServerHello (for example, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256), whose name encodes the key-exchange method and confirms what the messages show. Note that this distinction applies to TLS 1.2 and earlier: TLS 1.3 removed both the ServerKeyExchange message and RSA key exchange, and carries the (EC)DHE key shares in the key_share extension of the ClientHello and ServerHello instead.
