This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

if the new version of wireshark should have the decipher function in umts_rlc AM and UM?

0

if the new version of wireshark should have the decipher function in umts_rlc AM and UM?

I'm desired to have new wireshark which could help me to decipher in ciphered message.

asked 31 Jan '13, 02:24

smilezuzu's gravatar image

smilezuzu
20323237
accept rate: 0%


One Answer:

0

Hi,

deciphering code cannot be included by default due to patent restriction (see http://www.etsi.org/services/security-algorithms/3gpp-algorithms and http://www.gsma.com/technicalprojects/fraud-security/security-algorithms).

That said in current Wireshark development version (a.k.a. 1.9 version, nightly builds can be found here: http://www.wireshark.org/download/automated/) has a partial support of the KASUMI deciphering. But you need to add yourself the KASUMI engine source code (it's already in the 3GPP specs if I remember correctly) and recompile the source code after modifying the epan/crypt/kasumi.h file.

answered 31 Jan '13, 05:06

Pascal%20Quantin's gravatar image

Pascal Quantin
5.5k1060
accept rate: 30%

a.k.a. 1.9 version?? wireshark1.9.? have been released?

The latest version is wireshark1.8.5 on the download website.

(31 Jan '13, 19:46) smilezuzu

"development version (a.k.a. 1.9 version,..." - means just that the verson under development that will eventually be released, possibly as 1.10. We do supply builds of the development tree for people to try out.

(31 Jan '13, 22:59) Anders ♦

where could I get the latest development version? Thanks!

(05 Feb '13, 01:29) smilezuzu
(05 Feb '13, 01:39) grahamb ♦