On Thu, 3 Aug 2017, Graham Bartlett (grbartle) wrote:
1. The IKE_AUTH exchange is protected using the quantum secure algorithms.
So all attributes within the IKE
exchange are protected against passive attacks, which wouldn’t be the case
should the quantum resistant ‘blob’ be
sent in
Hi Scott,
>> The other question about your proposed mechanism is how does it work; you
>> just outline
>> a way to exchange ‘quantum resistant’ blobs, and don’t say how those blobs
>> actually work.
>> I’m not talking about the cryptography, I’m talking about the
>> authentication. For an
>>
Scott Fluhrer (sfluhrer) wrote:
> EAP; frankly, I’m not that familiar with EAP, however, if EAP isn’t
currently
> postquantum secure, it may make sense for that protocol to be updated.
EAP is a framework for a set of algorithms, some of which are are as stupid
as
Hi
After listening to the Prague meeting Dan Harkins raised the point that the
Quantum Resistant IKEv2 implementation should protect passive attacks, where
traffic that traffic that is sent and is captured today should be resilient to
an adversary with a quantum computer in the future. But