Wireshark-dev: [Wireshark-dev] Are AEAD cyphers accepted for IKEv2 decryption table?
From: Codrut Grosu <[email protected]>
Date: Tue, 2 Aug 2016 07:51:47 +0000

Hi,

I'm working at a strongSwan plugin that will generate a IKEv2 decryption table for wireshark.

In IKEv2 decryption table(wireshark) at encryption algorithm field there are only the following algorithms: "3DES[RFC2451]", "AES-CBC-128[RFC3602]", "AES-CBC-192[RFC3602]", "AES-CBC-256[RFC3602]" and "NULL[RFC2410]".

But strongSwan accepts AEAD cyphers like: AES_CCM_ICV8, AES_CCM_ICV12, AES_CCM_ICV16, AES_GCM_ICV8, AES_GCM_ICV12, AES_GCM_ICV16, NULL_AUTH_AES_GMAC, CAMELLIA_CCM_ICV8, CAMELLIA_CCM_ICV12, CAMELLIA_CCM_ICV16 and CHACHA20_POLY1305.

So, wireshark can decrypt packets that are encrypted with AEAD cyphers?

Thanks, Codrut