This draft incorporates some minor text fixes, nits, small updates and
PPK_SUPPORT notification is changed to USE_PPK to better reflect its purpose.
It also includes two more important changes
- Clarified using PPK in case of EAP authentication. It follow the same
rational as IKE_AUTH in the last version of the draft.
- prf is replaced with prf+ for the SK_d and SK_pi/r calculations. That is done
to accommodate potential user cases where the prf output size is not equal to
the preferred key size.
We think this draft is ready for LC, after the two above changes are reviewed.
Panos
-Original Message-
From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of
internet-dra...@ietf.org
Sent: Thursday, December 21, 2017 11:00 AM
To: i-d-annou...@ietf.org
Cc: ipsec@ietf.org
Subject: [IPsec] I-D Action: draft-ietf-ipsecme-qr-ikev2-01.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions WG of
the IETF.
Title : Postquantum Preshared Keys for IKEv2
Authors : Scott Fluhrer
David McGrew
Panos Kampanakis
Valery Smyslov
Filename: draft-ietf-ipsecme-qr-ikev2-01.txt
Pages : 18
Date: 2017-12-21
Abstract:
The possibility of Quantum Computers pose a serious challenge to
cryptography algorithms deployed widely today. IKEv2 is one example
of a cryptosystem that could be broken; someone storing VPN
communications today could decrypt them at a later time when a
Quantum Computer is available. It is anticipated that IKEv2 will be
extended to support quantum secure key exchange algorithms; however
that is not likely to happen in the near term. To address this
problem before then, this document describes an extension of IKEv2 to
allow it to be resistant to a Quantum Computer, by using preshared
keys.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ipsecme-qr-ikev2/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-ipsecme-qr-ikev2-01
https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-qr-ikev2-01
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-qr-ikev2-01
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec