Wireless Transport Layer Security (WTLS)

Wireless Transport Layer Service is an optional protocol which provides bearer-level security, in a way similar to TLS for end-to-end security. If the wireless bearer already provides over-the-air security (to make eavesdropping more difficult by encrypting the data sent over the air), then WTLS is not required. This is the case for GSM CSD and GSM GPRS for example.

/!\ It is a common misconception that WTLS provides end-to-end security in WAP. This is not true. This "myth" probably originated in the way a secure HTTP connection is initiated by writing "https://" instead of "http://" in your web browser. The analogy was thougt to be the presence of WTLS. This issue is that between the WSP client device and the WAP Gateway, the URL is sent in cleartext and the HTTP response is sent back in cleartext to the device.


XXX - add a brief description of WTLS history

Protocol dependencies


Depending on the protocol stack, 4 different standard WDP (UDP) ports have been defined. When WTLS is used, then the ports are 9202 (CL-WSP) and 9203 (CO-WSP). WSP can run on other ports too.

Example traffic

XXX - Add example traffic here (as plain text or Wireshark screenshot).


The WTLS dissector is fully functional. Decryption however is not provided yet.

Preference Settings

There are no preferences for WTLS in Wireshark.

Example capture file

XXX - Add a simple example capture file to the SampleCaptures page and link from here. Keep it short, it's also a good idea to gzip it to make it even smaller, as Wireshark can open gzipped files automatically.

Display Filter

A complete list of WTLS display filter fields can be found in the display filter reference

Capture Filter

You cannot directly filter WTLS traffic while capturing. However, if you know the transport protocol (bearer) used (see above), you can filter on that one.


Wireless_Transport_Layer_Security (last edited 2008-04-12 17:50:19 by localhost)