Hi Cen Jung,
I'd rather avoid focusing on hybrid key exchange only.
In my understanding hybrid key exchange will (should?) eventually
become PQ-only key exchange. That's why I'd rather express
charter in more generic way, so that it is applicable for
both hybrid and PQ-only cases, since both have the same problem
with large public keys.
How about the followingy last sentence:
The solution will allow post quantum key exchange to be
performed in parallel with (or instead of) the existing Diffie-Hellman key
exchange.
Regards,
Valery.
Hi Valery,
Many thanks for providing the charter text on making IKEv2 post quantum key
ready.
Could we add another sentence to it so that it reads as follows:
Postquantum Cryptography brings new key exchange methods. Most of
these methods that are known to date have much larger public keys then
conventional Diffie-Hellman public keys. Direct using these methods in
IKEv2 might lead to a number of problems due to the increased size of
initial IKEv2 messages. The working group will analyze the possible
problems and develop a solution, that will make adding Postquantum key
exchange methods more easy. The solution will allow post quantum key
exchange to be performed in parallel with the existing Diffie-Hellman key
exchange.
Best regards,
CJ
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
