Andreas Steffen <andreas.stef...@strongswan.org> wrote: > an NTRU Encryption-based IKEv2 key exchange is actually what the > strongSwan open source VPN software has been offering with the > ntru plugin for more than a year:
> https://wiki.strongswan.org/projects/strongswan/wiki/NTRU > For the four security strengths of 112, 128, 192 and 256 bits > strongSwan is using the private-use DH groups 1030..1033 in > conjunction with the strongSwan Vendor ID. Cool... an ID explanining things would be a really good thing to have. > If you combine the NTRU key exchange with lattice-based BLISS > signatures in the AUTH payload > https://wiki.strongswan.org/projects/strongswan/wiki/BLISS > than you arrive at a 100% Quantum Resistant IKEv2 protocol > without the use of any PSKs. I don't know if the WG wants to add this to it's charter, but it sure would be nice to have a spec... -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec