Andreas Steffen <andreas.stef...@strongswan.org> wrote:
> an NTRU Encryption-based IKEv2 key exchange is actually what the
> strongSwan open source VPN software has been offering with the
> ntru plugin for more than a year:
> https://wiki.strongswan.org/projects/strongswan/wiki/NTRU
> For the four security strengths of 112, 128, 192 and 256 bits
> strongSwan is using the private-use DH groups 1030..1033 in
> conjunction with the strongSwan Vendor ID.
Cool... an ID explanining things would be a really good thing to have.
> If you combine the NTRU key exchange with lattice-based BLISS
> signatures in the AUTH payload
> https://wiki.strongswan.org/projects/strongswan/wiki/BLISS
> than you arrive at a 100% Quantum Resistant IKEv2 protocol
> without the use of any PSKs.
I don't know if the WG wants to add this to it's charter, but it sure
would be nice to have a spec...
--
Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
