Andreas Steffen wrote:
> an NTRU Encryption-based IKEv2 key exchange is actually what the
> strongSwan open source VPN software has been offering with the
> ntru plugin for more than a year:
> https://wiki.strongswan.org/projects/strongswan/wiki/NTRU
I read a bit about NTRU on w
Even in a world where quantum computers are a risk that we need to
consider in our crypto, QKD will still remain a niche.
So to go back to the original question, NTRU+BLISS are a possible
solution if we care about this problem. QKD is not.
Thanks,
Yaron
On 08/24/2015 06:36 PM, Paul W
On Mon, 24 Aug 2015, Tero Kivinen wrote:
I think we should continue pushing the
draft-nagayama-ipsecme-ipsec-with-qkd forward, and specify it as
generic method where out of band shared keys can be brought in to the
SKEYSEED or KEYMAT.
+1
Paul
___
I
Valery Smyslov writes:
> SKEYSEED = prf(Ni | Nr, g^ir)
> {SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr} = prf+
> (SKEYSEED, Ni | Nr | SPIi | SPIr)
>
> This change was intentional, it was made by Hugo Krawczyk during
> work on IKEv2 due to complaints from the community that if IKEv1 PSK
>
Andreas Steffen wrote:
> an NTRU Encryption-based IKEv2 key exchange is actually what the
> strongSwan open source VPN software has been offering with the
> ntru plugin for more than a year:
> https://wiki.strongswan.org/projects/strongswan/wiki/NTRU
> For the four security
--
From: m...@sandelman.ca [mailto:m...@sandelman.ca] On Behalf Of Michael
Richardson
Sent: Wednesday, August 19, 2015 22:05
To: Mike Borza
Cc: Dan Harkins ; IPsecME WG
Subject: Re: [IPsec] PSK mode
Mike Borza wrote:
> They don't mention IKEv2. I don't know IKEv2 well enoug
> On Aug 20, 2015, at 10:26 AM, Scott Fluhrer (sfluhrer)
> wrote:
>
>> ...
>> Does NSA mean this difference when claiming that IKEv1 PSK mode is the
>> only QC-safe protocol?
>
> I believe so.
>
>> Should we add similar mode to IKEv2?
>
> I believe that there is an easier alternative; the pr
Hi Scott,
an NTRU Encryption-based IKEv2 key exchange is actually what the
strongSwan open source VPN software has been offering with the
ntru plugin for more than a year:
https://wiki.strongswan.org/projects/strongswan/wiki/NTRU
For the four security strengths of 112, 128, 192 and 256 bits
st
> -Original Message-
> From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Valery Smyslov
> Sent: Thursday, August 20, 2015 3:24 AM
> To: Mike Borza; Michael Richardson; Dan Harkins
> Cc: IPsecME WG
> Subject: Re: [IPsec] PSK mode
>
> Hi,
>
> IKEv2 has
We should ask the NSA authors or their proxies before we do anything.
Heck, maybe some NSA folks might even want to contribute to such an
extension to IKEv2. We are in absolutely no rush, given how long it will
be before serious researchers think there are practical quantum
computers.
--Paul
ecME WG
Subject: Re: [IPsec] PSK mode
Dan Harkins wrote:
> https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
> "CSfC deployments involving an IKE/IPsec layer may use RFC
> 2409-conformant implementations of the IKE standard (IKEv1)
> together with lar
Mike Borza wrote:
> They don't mention IKEv2. I don't know IKEv2 well enough to know
> whether there are any symmetric PSK authentication schemes, but if not,
> perhaps there should be. The point they're making is that the
There are PSK methods.
But, all the methods also use tradit
irect statement that the capability would be
available in a reasonable timeframe, but I wasn't surprised not to see it.
Mike
-Original Message-
From: paul_kon...@dell.com [mailto:paul_kon...@dell.com]
Sent: Wednesday, August 19, 2015 13:49
To: Mike Borza
Cc: mcr+i...@sandelman.ca;
> On Aug 19, 2015, at 1:32 PM, Mike Borza wrote:
>
> They don't mention IKEv2. I don't know IKEv2 well enough to know whether
> there are any symmetric PSK authentication schemes, but if not, perhaps there
> should be. The point they're making is that the ECC-based authentication
> methods
e viable QCs of that capability in the five to ten
years timeframe.
Mike
-Original Message-
From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Michael Richardson
Sent: Wednesday, August 19, 2015 13:17
To: Dan Harkins
Cc: IPsecME WG
Subject: Re: [IPsec] PSK mode
Dan Harkins wro
Dan Harkins wrote:
> https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
> "CSfC deployments involving an IKE/IPsec layer may use RFC
> 2409-conformant implementations of the IKE standard (IKEv1)
> together with large, high-entropy, pre-shared keys and the
> AES-2
https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
"CSfC deployments involving an IKE/IPsec layer may use RFC
2409-conformant implementations of the IKE standard (IKEv1)
together with large, high-entropy, pre-shared keys and the
AES-256 encryption algorithm. RFC 2409 is t
17 matches
Mail list logo