Nice RFC, I will help to reviews this rfc
Karan
On Fri, Aug 21, 2015 at 4:04 AM, wrote:
> A new Request for Comments is now available in online RFC libraries.
>
>
> RFC 7634
>
> Title: ChaCha20, Poly1305, and Their Use
> in the Internet Key Exchange Pr
Nice job, Yoav and to those that helped with reviews, comments,
shepherding, etc.!
Kathleen
-- Forwarded message --
From:
Date: Thu, Aug 20, 2015 at 6:34 PM
Subject: [IPsec] RFC 7634 on ChaCha20, Poly1305, and Their Use in the
Internet Key Exchange Protocol (IKE) and IPsec
To:
A new Request for Comments is now available in online RFC libraries.
RFC 7634
Title: ChaCha20, Poly1305, and Their Use
in the Internet Key Exchange Protocol
(IKE) and IPsec
Author: Y. Nir
Status: Stan
If I understand your point correctly, QC doesn't improve the rate at which hash
collisions may be found, at least not by any currently known (to me) algorithm.
In the case of the asymmetric algorithms, Shor's algorithm and close variants
make an attack on the keyspace more practical. (When suf
> On Aug 20, 2015, at 10:26 AM, Scott Fluhrer (sfluhrer)
> wrote:
>
>> ...
>> Does NSA mean this difference when claiming that IKEv1 PSK mode is the
>> only QC-safe protocol?
>
> I believe so.
>
>> Should we add similar mode to IKEv2?
>
> I believe that there is an easier alternative; the pr
Hi Scott,
an NTRU Encryption-based IKEv2 key exchange is actually what the
strongSwan open source VPN software has been offering with the
ntru plugin for more than a year:
https://wiki.strongswan.org/projects/strongswan/wiki/NTRU
For the four security strengths of 112, 128, 192 and 256 bits
st
> -Original Message-
> From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Valery Smyslov
> Sent: Thursday, August 20, 2015 3:24 AM
> To: Mike Borza; Michael Richardson; Dan Harkins
> Cc: IPsecME WG
> Subject: Re: [IPsec] PSK mode
>
> Hi,
>
> IKEv2 has symmetrick PSK authentication
We should ask the NSA authors or their proxies before we do anything.
Heck, maybe some NSA folks might even want to contribute to such an
extension to IKEv2. We are in absolutely no rush, given how long it will
be before serious researchers think there are practical quantum
computers.
--Paul
Hi,
IKEv2 has symmetrick PSK authentication method. However, it is different from
IKEv1.
The difference is that in IKEv1 the session keys computation involves both
preshared key
and DH shared secret
SKEYID = prf(pre-shared-key, Ni_b | Nr_b)
SKEYID_d = prf(SKEYID, g^xy | CKY-I | CKY-R | 0)
SKEY