Ask Your Question

Decrypting SAE packets in Wireshark

asked 2019-10-23 15:50:20 +0000

Amato_C gravatar image

updated 2019-10-24 10:13:31 +0000

grahamb gravatar image

Is it possible to decrypt Simultaneous Authentication of Equals (SAE) using Wireshark? SAE is part of WPA-3 personal authentication.

I have a capture that I can share, but I wanted to know if it is technically possible.

edit retag flag offensive close merge delete


Wildshark? Presumably a typo.

grahamb gravatar imagegrahamb ( 2019-10-23 16:48:14 +0000 )edit

Yes, it was a typo. I corrected it. Sorry for the confusion

Amato_C gravatar imageAmato_C ( 2019-10-23 17:42:30 +0000 )edit

At least some work in the area from the great people working on Wireshark.

Bob Jones gravatar imageBob Jones ( 2019-10-24 13:28:52 +0000 )edit

Thank you Mr. Bob Jones!

Amato_C gravatar imageAmato_C ( 2019-10-24 17:11:46 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted

answered 2023-05-03 13:47:39 +0000

Sascha gravatar image

Hi Amato,

funny to see you again in a Wireshark forum after all those years. We used to work together, remember? I am one of the Bochum guys...

To answer your question: You need to retrieve not only the air traffic, but also the key from either hostapd or wpa_supplicant by using the -d -K flags. You'll find it explained in more detail here:

Hope this helps (although it may be way too late),


edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2019-10-23 15:50:20 +0000

Seen: 866 times

Last updated: May 03 '23