Hello ipsecme, We've posted a draft specifying the use of AES-GCM-SIV in IKEv2 and ESP: https://datatracker.ietf.org/doc/html/draft-guthrie-ipsecme-aes-gcm-siv. Since AES-GCM-SIV is based on AES-GCM, the draft is able to leverage much of the RFCs that specify the use of AES-GCM in IKE (RFC 5282) and ESP (RFC 4106), but there are a few differences between the algorithms substantive enough that AES-GCM-SIV seems to warrant its own specification (along with requesting a Transform Type 1 identifier from IANA).
Comments and feedback are welcome. If there is interest and time on the agenda, I would be happy to talk about the draft for a few minutes in Madrid. Thanks! Rebecca Rebecca Guthrie she/her Center for Cybersecurity Standards (CCSS) Cybersecurity Collaboration Center (CCC) National Security Agency (NSA) _______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected]
