Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 1420] 802.11 WPA/WPA2-PSK Unable to decode Group Keys

Wireshark-bugs: [Wireshark-bugs] [Bug 1420] 802.11 WPA/WPA2-PSK Unable to decode Group Keys

Date: Tue, 6 Mar 2007 05:27:37 +0000 (GMT)

http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1420





------- Comment #2 from sohkamyung@xxxxxxxxx  2007-03-06 05:27 GMT -------
Created an attachment (id=543)
 --> (http://bugs.wireshark.org/bugzilla/attachment.cgi?id=543&action=view)
Edited capture file showing failure to get the groupkey for WPA2-PSK

See packet number 16 in the capture.  The '802.1X Authentication->WPA Key' area
holds encrypted data (because '802.1X Authentication->Key
Information->Encrypted Key Data Flag' is set).  This data is not decrypted by
Wireshark (in this case, AES Key Unwrap should be used with the Pairwise Key).

Once the data is decrypted, the WPA Key area holds two types of data: the
Authenticator's RSN IE followed by the actual Group Key as outlined in Section
8.5.2 under 'j) Key Data'.

Decryption Key details:
Type: WPA-PWD
Key: 68fatpipe68
SSID: FP-NETGEAR

Note: You may have to set 'Assume packets have FCS' in Preferences->IEEE 802.11


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

References:
- [Wireshark-bugs] [Bug 1420] New: 802.11 WPA/WPA2-PSK Unable to decode Group Keys
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 1420] 802.11 WPA/WPA2-PSK Unable to decode Group Keys
Next by Date: [Wireshark-bugs] [Bug 1386] LUA + Megaco/H248
Previous by thread: [Wireshark-bugs] [Bug 1420] 802.11 WPA/WPA2-PSK Unable to decode Group Keys
Next by thread: [Wireshark-bugs] [Bug 1386] LUA + Megaco/H248
Index(es):
- Date
- Thread