Hi Valery, Yes, In the future (after NIST process is completed or general purpose quantum computers are available), one may want to use post quantum key exchange only.
Happy with your last sentence. Cheers, CJ > On 2 Nov 2017, at 17:55, Valery Smyslov <[email protected]> wrote: > > Hi Cen Jung, > > I'd rather avoid focusing on hybrid key exchange only. In my understanding > hybrid key exchange will (should?) eventually > become PQ-only key exchange. That's why I'd rather express > charter in more generic way, so that it is applicable for > both hybrid and PQ-only cases, since both have the same problem with large > public keys. > > How about the followingy last sentence: > > The solution will allow post quantum key exchange to be performed in parallel > with (or instead of) the existing Diffie-Hellman key exchange. > > Regards, > Valery. > >> Hi Valery, >> Many thanks for providing the charter text on making IKEv2 post quantum key >> ready. >> Could we add another sentence to it so that it reads as follows: >> Postquantum Cryptography brings new key exchange methods. Most of >> these methods that are known to date have much larger public keys then >> conventional Diffie-Hellman public keys. Direct using these methods in >> IKEv2 might lead to a number of problems due to the increased size of >> initial IKEv2 messages. The working group will analyze the possible >> problems and develop a solution, that will make adding Postquantum key >> exchange methods more easy. The solution will allow post quantum key >> exchange to be performed in parallel with the existing Diffie-Hellman key >> exchange. Best regards, >> CJ > _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
