Hi,
Please find a new version of the draft-mglt-ipsecme-clone-ike-sa-05. In this
version, we added text to reflect the discussion of the load balancing IPsec
VPNs [1].
Feel free to comment the current document.
BR,
Daniel
[1]
On Mon, 24 Aug 2015, Tero Kivinen wrote:
I think we should continue pushing the
draft-nagayama-ipsecme-ipsec-with-qkd forward, and specify it as
generic method where out of band shared keys can be brought in to the
SKEYSEED or KEYMAT.
+1
Paul
___
Valery Smyslov writes:
SKEYSEED = prf(Ni | Nr, g^ir)
{SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr} = prf+
(SKEYSEED, Ni | Nr | SPIi | SPIr)
This change was intentional, it was made by Hugo Krawczyk during
work on IKEv2 due to complaints from the community that if IKEv1 PSK
auth
Even in a world where quantum computers are a risk that we need to
consider in our crypto, QKD will still remain a niche.
So to go back to the original question, NTRU+BLISS are a possible
solution if we care about this problem. QKD is not.
Thanks,
Yaron
On 08/24/2015 06:36 PM, Paul
Andreas Steffen andreas.stef...@strongswan.org wrote:
an NTRU Encryption-based IKEv2 key exchange is actually what the
strongSwan open source VPN software has been offering with the
ntru plugin for more than a year:
https://wiki.strongswan.org/projects/strongswan/wiki/NTRU
I
Greetings. There was some general interest in having a standard way to
modern elliptic curves for ephemeral key exchange. Please respond in
this thread whether or no you think this document is a good start on
that work, and whether or not you think the WG should have this as a
work item.
I think this would be a good feature for the WG to work on, and that this
document provides a good start.
Thanks,
Tommy Pauly
On Aug 24, 2015, at 3:58 PM, Paul Hoffman paul.hoff...@vpnc.org wrote:
Greetings. There was some general interest in having a standard way to modern
elliptic
On Mon, 24 Aug 2015, Paul Hoffman wrote:
Subject: [IPsec] Call for adoption: draft-nir-ipsecme-curve25519 as a WG work
item
Note that I tried looking at the document and pasted it into google and
oddly got:
https://tools.ietf.org/html/draft-nir-ipsecme-curve25519-00
which does NOT list