Hi, the new version addresses comments received in the ML. It also adds an option of using PPK in the CREATE_CHILD_SA exchange.
Regards, Valery. > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: Friday, October 20, 2023 9:27 AM > To: Valery Smyslov > Subject: New Version Notification for > draft-smyslov-ipsecme-ikev2-qr-alt-09.txt > > A new version of Internet-Draft draft-smyslov-ipsecme-ikev2-qr-alt-09.txt has > been successfully submitted by Valery Smyslov and posted to the > IETF repository. > > Name: draft-smyslov-ipsecme-ikev2-qr-alt > Revision: 09 > Title: Alternative Approach for Mixing Preshared Keys in IKEv2 for > Post-quantum Security > Date: 2023-10-19 > Group: Individual Submission > Pages: 11 > URL: > https://www.ietf.org/archive/id/draft-smyslov-ipsecme-ikev2-qr-alt-09.txt > Status: https://datatracker.ietf.org/doc/draft-smyslov-ipsecme-ikev2-qr-alt/ > HTMLized: > https://datatracker.ietf.org/doc/html/draft-smyslov-ipsecme-ikev2-qr-alt > Diff: > https://author-tools.ietf.org/iddiff?url2=draft-smyslov-ipsecme-ikev2-qr-alt-09 > > Abstract: > > An Internet Key Exchange protocol version 2 (IKEv2) extension defined > in RFC8784 allows IPsec traffic to be protected against someone > storing VPN communications today and decrypting it later, when (and > if) cryptographically relevant quantum computers are available. The > protection is achieved by means of Post-quantum Preshared Key (PPK) > which is mixed into the session keys calculation. However, this > protection doesn't cover an initial IKEv2 SA, which might be > unacceptable in some scenarios. This specification defines an > alternative way to get protection against quantum computers, which is > similar to the solution defined in RFC8784, but protects the initial > IKEv2 SA too. > > Besides, RFC8784 assumes that PPKs are static and thus they are only > used when an initial IKEv2 Security Association (SA) is created. If > a fresh PPK is available before the IKE SA is expired, then the only > way to use it is to delete the current IKE SA and create a new one > from scratch, which is inefficient. This specification also defines > a way to use PPKs in active IKEv2 SA for creating additional IPsec > SAs and for rekeys operations. > > > > The IETF Secretariat _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
