How to decipher NAS 5GS message (wireshark)


I’m trying to inspect the content of NAS messages sent between UE and CN, is there a tool to achieve that?
I suppose this is possible as we have access to the UE subscription profile and CN database.
Also, I have all the traffic (from UE registration to PDU session establishment) captured.

This is the encrypted message seen from Wireshark.

Ok,’ I’ve found the solution.
In Wireshark go to preferences -> Protocols -> NAS-5GS -> check the box “Try to detect and decode 5G-EA0 ciphered message”
Not sure how much traffic you need for that, but it worked for me.

Hi @konradkar2,
thanks for sharing :clap: