This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I noticed that for AES256, 36 bytes should be supplied as a key (instead of 32 bytes). What is the origin of the extra 4 bytes? And in general, what is the format that should be given for such decryption key?

asked 15 Sep '13, 06:31

YuvalAdler's gravatar image

YuvalAdler
11113
accept rate: 0%

I noticed that for AES256, 36 bytes should be supplied as a key (instead of 32 bytes).

I'm just curious. Where did you notice that?

(15 Sep '13, 12:33) Kurt Knochner ♦

From RFC 4106 Section 8.1:

AES-GCM-ESP with a 256 bit key The KEYMAT requested for each AES GCM key is 36 octets. The first 32 octets are the 256-bit AES key, and the remaining four octets are used as the salt value in the nonce.

permanent link

answered 15 Sep '13, 17:11

cmaynard's gravatar image

cmaynard ♦♦
9.3k1038142
accept rate: 20%

I see, Thanks! (Kurt - this is on Wireshark 1.10.1)

(15 Sep '13, 22:17) YuvalAdler
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×165
×2
×2

question asked: 15 Sep '13, 06:31

question was seen: 1,875 times

last updated: 15 Sep '13, 22:17

p​o​w​e​r​e​d by O​S​Q​A