Re: [IPsec] Proposed method to achieve quantum resistant IKEv2

On Thu, 3 Aug 2017, Graham Bartlett (grbartle) wrote: 1.  The IKE_AUTH exchange is protected using the quantum secure algorithms. So all attributes within the IKE exchange are protected against passive attacks, which wouldn’t be the case should the quantum resistant ‘blob’ be sent in

Re: [IPsec] Proposed method to achieve quantum resistant IKEv2

Hi Scott, >> The other question about your proposed mechanism is how does it work; you >> just outline >> a way to exchange ‘quantum resistant’ blobs, and don’t say how those blobs >> actually work. >> I’m not talking about the cryptography, I’m talking about the >> authentication. For an >>

Re: [IPsec] Proposed method to achieve quantum resistant IKEv2

Scott Fluhrer (sfluhrer) wrote: > EAP; frankly, I’m not that familiar with EAP, however, if EAP isn’t currently > postquantum secure, it may make sense for that protocol to be updated. EAP is a framework for a set of algorithms, some of which are are as stupid as

[IPsec] Proposed method to achieve quantum resistant IKEv2

Hi After listening to the Prague meeting Dan Harkins raised the point that the Quantum Resistant IKEv2 implementation should protect passive attacks, where traffic that traffic that is sent and is captured today should be resilient to an adversary with a quantum computer in the future. But