How do I configure Wireshare to decrypt AES-GCM ESP packets when there is no obvious way to configure the IV?

ESP
IV
AES-GCM

asked 2025-08-14 07:51:02 +0000

dgnis
1

updated 2025-08-14 11:55:45 +0000

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23850 ●4 ●989 ●227 https://www.wireshark.org

I would like to decrypt ESP packets using AES-GCM . Wireshark purports to support this algorithm and I can select it in the AES preferences menu however, while I can configure the key, there is no obvious provision to configure the Initialization Vector, without which the packets cannot be decrypted. How do I configure this value in Wireshark. I am using v4.4.7.

edit retag flag offensive close merge delete

Comments

Example configuration steps:
3444: ipsec: refactor the decryption and dissection of ESP packets

The sample captures and config data on Wiki: wiki:ipsec

Chuckc ( 2025-08-14 12:15:07 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

How do I configure Wireshare to decrypt AES-GCM ESP packets when there is no obvious way to configure the IV?

Comments

1 Answer

Your Answer

Question Tools

Stats

Related questions

How do I configure Wireshare to decrypt AES-GCM ESP packets when there is no obvious way to configure the IV? edit

Comments

1 Answer