This wiki has been migrated to and is now deprecated. Please use that site instead.

Datagram Transport Layer Security (DTLS)

DTLS is a derivation of SSL protocol. It provides the same security services (integrity, authentification and confidentiality) but under UDP protocol. DTLS is implemented by several projects including CyaSSL and the OpenSSL project.


This protocol was created to do that which SSL can't : to create a secure protocol under UDP. It's why this protocol is an adaptation of TLS 1.1

Protocol dependencies


The DTLS dissector works with the OpenSSL v0.9.8b DTLS implementation. It was written by Authesserre Samuel.

Preference Settings

If Wireshark is compiled with SSL decryption support, there will be a new option in the preferences for DTLS. This only works for RSA key exchange if the RSA keys can be provided. Study the SSL page for details how to configure the RSA private key.

Example capture file

Set RSA configuration to IP address:, Port:4433, Protocol:data, Key File:/path/to/snakeoil-rsa.key

Display Filter

A complete list of PROTO display filter fields can be found in the display filter reference.

Show only the DTLS based traffic:

Capture Filter

You cannot directly filter DTLS protocols while capturing. However, if you know the UDP port used (see above), you can filter on that one.

Capture only the DTLS traffic over the default port (80):


DTLS (last edited 2014-01-07 09:10:31 by doj)