Hello,

On Mon, Nov 02, 2015 at 09:06:38PM +0100, Yves-Alexis Perez wrote:
> On lun., 2015-11-02 at 20:36 +0100, Nicolas Braud-Santoni wrote:
> > The NTRU and BLISS post-quantum cryptosystems are available in strongswan
> > (releases 5.1.2 and 5.2.2, respectively).
> 
> There's a lot of stuff available in strongSwan. We don't actually enable
> everything, on purpose.

Post-quantum key-exchange, as provided by NTRU, is needed by users who want to
provide forward-secrecy in the mid/long-term, given that quantum computers
might become a legitimate threat within the next 5 or 10 years (and we are
aware that some people do collect and save traffic for later cryptanalysis).

BLISS, while potentially nice-to-have, is (in my opinion) less of an immediate
concern given the unlikelihood of the signature schemes currently available in
strongswan being broken. The difference here being that migrating to a safer
signature scheme might happen as needed (modulo the time required to deploy
new configuration), whereas future threats against the encryption (including
key-exchange) threaten the forward-secrecy of traffic being currently
exchanged.

> Point release update won't happen. I can't talk about backports, I'm not
> interested in them right now.
Ok.


Best regards,

  nicoo
