Disabling Wireshark attempt to decrypt QUIC traffic

QUIC
encryption
retag add tags

Since I have disabled encryption in a QUIC implementation, the interaction between the client and server takes place in plain text. However, Wireshark still attempts to decrypt the interaction and fails to dissect the plain text. I am wondering if there is a way to disable Wireshark's attempt to decrypt QUIC traffic.

bathooman

asked 2022-07-20 08:45:29 +0000

edit flag offensive 0 remove flag close merge delete

Comments

Are you using a "standard" such as draft-banks-quic-disable-encryption-00 ?

Chuckc (2022-07-20 13:20:26 +0000) edit

The implementation (https://github.com/h2o/quicly) does not support it. So, I just disable encryption/decryption functions.

bathooman (2022-07-20 13:26:10 +0000) edit

add a comment see more comments

There are open issues (Disable encryption #181, Disable encryption #483) on the h2o/quicly Github.
It would be better if they would follow something like the draft-banks-quic-disable-encryption-00 which might then be added to Wireshark.

Until then, there is a GQUIC preference (QUIC: Add preference to force decode all payload) that maybe could be duplicated in the QUIC dissector. Please open a Enhancement/Feature request on the Wireshark Gitlab Issues page.

(If you open a Feature Request, please add a link back to this question)

Reference: Quic Conversation decipher

Chuckc

answered 2022-07-20 15:16:11 +0000, updated 2022-07-20 15:20:52 +0000

edit flag offensive 0 remove flag delete link

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Disabling Wireshark attempt to decrypt QUIC traffic edit

Comments

1 Answer

Comments