+1 Tero, Waiting for your IKEv2 quantum resistance slides to become available, as a great summary of the potential requirements.
-----Original Message----- From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Tero Kivinen Sent: Wednesday, July 20, 2016 12:56 PM To: Valery Smyslov <sva...@gmail.com> Cc: ipsec@ietf.org Subject: Re: [IPsec] New charter proposal Valery Smyslov writes: > > - Add Quantum Resistance for IKEv2 as new work item with milestone > > as Feb 2017 for IETF LC. > > This milestone looks a bit optimistic for me. > Otherwise the updated chapter looks good. The limited resistance we are talking about is in the same level of protection which IKEv1 has, i.e., PPK. We are not yet talking about doing using any quantum resistant protocols to generate the PPK, we just assume that the PPK comes through some out of band method and we can want to make sure we use it in the protocol in the way that makes IKEv2 quantum resistant in a way that traffic stored now using this extension cannot be decrypted after the quantum computers are there, and attackers can break Diffie-Hellman done in IKEv2. I.e., the actual work item is: IKEv1 using shared secret authentication was partially resistance to quantum computers. IKEv2 removed this feature to make the protocol more usable. The working group will add a mode to IKEv2 or otherwise modify IKEv2 to have similar quantum resistant properties than IKEv1 had. and I think we should be able to finish that in WG in the next 6 months. -- kivi...@iki.fi _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
