802.15.4-2003 secure CCM decryption

802.15.4-2003
CCM
security
retag add tags

Hi,

I'm trying to decode a secure 802.15.4 packet. The packet is encrypted with AES-CCM-32 (802.15.4-2003). They key is an all zeros vector (0000....) Entered this key in the "decryption keys" window, with index 0 and "No hash". when receiving a secure packet, I get a "Expert Info (Warning/Undecoded): No encryption key set - can't decrypt" message The decoded frame counter, sequence number and the MIC are decoded correctly. It also seems that Wireshark does try to do some sort of decoding, as it displays the "Data" field with the correct size, but with a "garbaged" data (not the one that's in the packet). Am I doing something wrong?

Thanks, Isak.

isak

asked 2021-08-19 15:58:03 +0000

edit flag offensive 0 remove flag close merge delete

Comments

There is a pcap attached to Wireshark crashes during IEEE 802.15.4 decryption and key in the comments.
Try them to see that a known good can be decrypted.

Chuckc (2021-08-19 18:26:33 +0000) edit

add a comment see more comments

Be the first one to answer this question!

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

802.15.4-2003 secure CCM decryption edit

Comments

Be the first one to answer this question!

802.15.4-2003 secure CCM decryption