Kerberos decryption, does Wireshark use subkeys?

kerberos
retag add tags

Hello,

I am decrypting Kerberos traffic using a keytab file, so I can see the subkey. Does Wireshark use these subkeys automatically to decrypt further messages? Because I am not sure which key was used to encrypt the messages.

I use Wireshark in version 3.2.4

I will specify my question a bit, is the Key Derivation Function of kerberos implemented in Wireshark (RFC3961)? So that Wireshark creates keys derived from the subkeys in the background and uses them for decryption.

Donlouigi91

asked 2020-06-09 16:23:02 +0000, updated 2020-06-10 09:31:24 +0000

edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

Be the first one to answer this question!

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Kerberos decryption, does Wireshark use subkeys? edit

Comments

Be the first one to answer this question!

Kerberos decryption, does Wireshark use subkeys?