Ask Your Question

Revision history [back]

Kerberos decryption, does Wireshark use subkeys?

Hello,

I am decrypting Kerberos traffic using a keytab file, so I can see the subkey. Does Wireshark use these subkeys automatically to decrypt further messages? Because I am not sure which key was used to encrypt the messages.

I use Wireshark in version 3.2.4

Kerberos decryption, does Wireshark use subkeys?

Hello,

I am decrypting Kerberos traffic using a keytab file, so I can see the subkey. Does Wireshark use these subkeys automatically to decrypt further messages? Because I am not sure which key was used to encrypt the messages.

I use Wireshark in version 3.2.4

I will specify my question a bit, is the Key Derivation Function of kerberos implemented in Wireshark (RFC3961)? So that Wireshark creates keys derived from the subkeys in the background and uses them for decryption.