Re: [IPsec] RFC 7634 on ChaCha20, Poly1305, and Their Use in the Internet Key Exchange Protocol (IKE) and IPsec

2015-08-20 Thread KARAN VERMA
Nice RFC, I will help to review this RFC. Karan On Fri, Aug 21, 2015 at 4:04 AM, wrote: > A new Request for Comments is now available in online RFC libraries. > > > RFC 7634 > > Title: ChaCha20, Poly1305, and Their Use > in the Internet Key Exchange Pr

[IPsec] Fwd: RFC 7634 on ChaCha20, Poly1305, and Their Use in the Internet Key Exchange Protocol (IKE) and IPsec

2015-08-20 Thread Kathleen Moriarty
Nice job, Yoav and to those that helped with reviews, comments, shepherding, etc.! Kathleen -- Forwarded message -- From: Date: Thu, Aug 20, 2015 at 6:34 PM Subject: [IPsec] RFC 7634 on ChaCha20, Poly1305, and Their Use in the Internet Key Exchange Protocol (IKE) and IPsec To:

[IPsec] RFC 7634 on ChaCha20, Poly1305, and Their Use in the Internet Key Exchange Protocol (IKE) and IPsec

2015-08-20 Thread rfc-editor
A new Request for Comments is now available in online RFC libraries. RFC 7634 Title: ChaCha20, Poly1305, and Their Use in the Internet Key Exchange Protocol (IKE) and IPsec Author: Y. Nir Status: Stan

Re: [IPsec] PSK mode

2015-08-20 Thread Mike Borza
If I understand your point correctly, QC doesn't improve the rate at which hash collisions may be found, at least not by any currently known (to me) algorithm. In the case of the asymmetric algorithms, Shor's algorithm and close variants make an attack on the keyspace more practical. (When suf

Re: [IPsec] PSK mode

2015-08-20 Thread Paul_Koning
> On Aug 20, 2015, at 10:26 AM, Scott Fluhrer (sfluhrer) > wrote: > >> ... >> Does NSA mean this difference when claiming that IKEv1 PSK mode is the >> only QC-safe protocol? > > I believe so. > >> Should we add similar mode to IKEv2? > > I believe that there is an easier alternative; the pr

Re: [IPsec] PSK mode

2015-08-20 Thread Andreas Steffen
Hi Scott, an NTRU Encryption-based IKEv2 key exchange is actually what the strongSwan open source VPN software has been offering with the ntru plugin for more than a year: https://wiki.strongswan.org/projects/strongswan/wiki/NTRU For the four security strengths of 112, 128, 192 and 256 bits st

Re: [IPsec] PSK mode

2015-08-20 Thread Scott Fluhrer (sfluhrer)
> -Original Message- > From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Valery Smyslov > Sent: Thursday, August 20, 2015 3:24 AM > To: Mike Borza; Michael Richardson; Dan Harkins > Cc: IPsecME WG > Subject: Re: [IPsec] PSK mode > > Hi, > > IKEv2 has symmetric PSK authentication

Re: [IPsec] PSK mode

2015-08-20 Thread Paul Hoffman
We should ask the NSA authors or their proxies before we do anything. Heck, maybe some NSA folks might even want to contribute to such an extension to IKEv2. We are in absolutely no rush, given how long it will be before serious researchers think there are practical quantum computers. --Paul

Re: [IPsec] PSK mode

2015-08-20 Thread Valery Smyslov
Hi, IKEv2 has symmetric PSK authentication method. However, it is different from IKEv1. The difference is that in IKEv1 the session keys computation involves both preshared key and DH shared secret SKEYID = prf(pre-shared-key, Ni_b | Nr_b) SKEYID_d = prf(SKEYID, g^xy | CKY-I | CKY-R | 0) SKEY