Re: [IPsec] PSK mode

2015-08-24 Thread Paul Wouters
On Mon, 24 Aug 2015, Tero Kivinen wrote: I think we should continue pushing the draft-nagayama-ipsecme-ipsec-with-qkd forward, and specify it as generic method where out of band shared keys can be brought in to the SKEYSEED or KEYMAT. +1 Paul

Re: [IPsec] PSK mode

2015-08-24 Thread Tero Kivinen
Valery Smyslov writes:
SKEYSEED = prf(Ni | Nr, g^ir)
{SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr} = prf+ (SKEYSEED, Ni | Nr | SPIi | SPIr)
This change was intentional, it was made by Hugo Krawczyk during work on IKEv2 due to complaints from the community that if IKEv1 PSK auth

Re: [IPsec] PSK mode

2015-08-24 Thread Yaron Sheffer
Even in a world where quantum computers are a risk that we need to consider in our crypto, QKD will still remain a niche. So to go back to the original question, NTRU+BLISS are a possible solution if we care about this problem. QKD is not. Thanks, Yaron On 08/24/2015 06:36 PM, Paul

Re: [IPsec] PSK mode

2015-08-24 Thread Michael Richardson
Andreas Steffen andreas.stef...@strongswan.org wrote: an NTRU Encryption-based IKEv2 key exchange is actually what the strongSwan open source VPN software has been offering with the ntru plugin for more than a year: https://wiki.strongswan.org/projects/strongswan/wiki/NTRU I

Re: [IPsec] PSK mode

2015-08-20 Thread Valery Smyslov
: IPsecME WG ipsec@ietf.org Subject: Re: [IPsec] PSK mode Dan Harkins dhark...@lounge.org wrote: https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml CSfC deployments involving an IKE/IPsec layer may use RFC 2409-conformant implementations of the IKE standard (IKEv1) together

Re: [IPsec] PSK mode

2015-08-20 Thread Mike Borza
...@sandelman.ca [mailto:m...@sandelman.ca] On Behalf Of Michael Richardson Sent: Wednesday, August 19, 2015 22:05 To: Mike Borza mbo...@elliptictech.com Cc: Dan Harkins dhark...@lounge.org; IPsecME WG ipsec@ietf.org Subject: Re: [IPsec] PSK mode Mike Borza mbo...@elliptictech.com wrote

Re: [IPsec] PSK mode

2015-08-20 Thread Scott Fluhrer (sfluhrer)
-Original Message- From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Valery Smyslov Sent: Thursday, August 20, 2015 3:24 AM To: Mike Borza; Michael Richardson; Dan Harkins Cc: IPsecME WG Subject: Re: [IPsec] PSK mode Hi, IKEv2 has symmetric PSK authentication method

Re: [IPsec] PSK mode

2015-08-20 Thread Paul Hoffman
We should ask the NSA authors or their proxies before we do anything. Heck, maybe some NSA folks might even want to contribute to such an extension to IKEv2. We are in absolutely no rush, given how long it will be before serious researchers think there are practical quantum computers. --Paul

Re: [IPsec] PSK mode

2015-08-20 Thread Andreas Steffen
Hi Scott, an NTRU Encryption-based IKEv2 key exchange is actually what the strongSwan open source VPN software has been offering with the ntru plugin for more than a year: https://wiki.strongswan.org/projects/strongswan/wiki/NTRU For the four security strengths of 112, 128, 192 and 256 bits

Re: [IPsec] PSK mode

2015-08-20 Thread Paul_Koning
On Aug 20, 2015, at 10:26 AM, Scott Fluhrer (sfluhrer) sfluh...@cisco.com wrote: ... Does NSA mean this difference when claiming that IKEv1 PSK mode is the only QC-safe protocol? I believe so. Should we add similar mode to IKEv2? I believe that there is an easier alternative; the

Re: [IPsec] PSK mode

2015-08-19 Thread Mike Borza
of that capability in the five to ten years timeframe. Mike -Original Message- From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Michael Richardson Sent: Wednesday, August 19, 2015 13:17 To: Dan Harkins dhark...@lounge.org Cc: IPsecME WG ipsec@ietf.org Subject: Re: [IPsec] PSK mode

Re: [IPsec] PSK mode

2015-08-19 Thread Michael Richardson
Dan Harkins dhark...@lounge.org wrote: https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml CSfC deployments involving an IKE/IPsec layer may use RFC 2409-conformant implementations of the IKE standard (IKEv1) together with large, high-entropy, pre-shared keys and

Re: [IPsec] PSK mode

2015-08-19 Thread Mike Borza
: [IPsec] PSK mode On Aug 19, 2015, at 1:32 PM, Mike Borza mbo...@elliptictech.com wrote: They don't mention IKEv2. I don't know IKEv2 well enough to know whether there are any symmetric PSK authentication schemes, but if not, perhaps there should be. The point they're making

Re: [IPsec] PSK mode

2015-08-19 Thread Michael Richardson
Mike Borza mbo...@elliptictech.com wrote: They don't mention IKEv2. I don't know IKEv2 well enough to know whether there are any symmetric PSK authentication schemes, but if not, perhaps there should be. The point they're making is that the There are PSK methods. But, all the

[IPsec] PSK mode

2015-08-18 Thread Dan Harkins
https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml CSfC deployments involving an IKE/IPsec layer may use RFC 2409-conformant implementations of the IKE standard (IKEv1) together with large, high-entropy, pre-shared keys and the AES-256 encryption algorithm. RFC 2409 is