[IPsec] New draft on hybrid key-exchange for IKEv2
Cen Jung Tjhai <CJT@post-quantum.com> Thu, 06 July 2017 09:31 UTC
Return-Path: <CJT@post-quantum.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5D431270A3 for <ipsec@ietfa.amsl.com>; Thu, 6 Jul 2017 02:31:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2wiycvbb6Zvp for <ipsec@ietfa.amsl.com>; Thu, 6 Jul 2017 02:31:25 -0700 (PDT)
Received: from relay.ezis.com (relay.ezis.com [5.153.73.19]) by ietfa.amsl.com (Postfix) with ESMTP id E680A120721 for <ipsec@ietf.org>; Thu, 6 Jul 2017 02:31:24 -0700 (PDT)
Received: from unknown (HELO pqex01.post-quantum.com) ([192.168.142.3]) by ironport.ezis.com with ESMTP; 06 Jul 2017 10:31:23 +0100
Received: from PQEX02.post-quantum.com (192.168.142.18) by PQEX01.post-quantum.com (192.168.142.3) with Microsoft SMTP Server (TLS) id 15.0.1178.4; Thu, 6 Jul 2017 10:31:22 +0100
Received: from PQEX02.post-quantum.com ([fe80::f470:9812:e4eb:5bd3]) by PQEX02.post-quantum.com ([fe80::f470:9812:e4eb:5bd3%13]) with mapi id 15.00.1263.000; Thu, 6 Jul 2017 10:31:22 +0100
From: Cen Jung Tjhai <CJT@post-quantum.com>
To: "ipsec@ietf.org" <ipsec@ietf.org>
Thread-Topic: New draft on hybrid key-exchange for IKEv2
Thread-Index: AQHS9jqh6gUaasKwMkCtsRJVSN8jew==
Date: Thu, 06 Jul 2017 09:31:22 +0000
Message-ID: <3068D3E0-E1FD-4911-AA7C-E8DC64A158D0@post-quantum.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.3.255.7]
Content-Type: text/plain; charset="utf-8"
Content-ID: <FAFD0162EE5B364D91E6021B870A94EF@post-quantum.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/PX2q9C0YnXCy58KAUl-Eqad3iP4>
Subject: [IPsec] New draft on hybrid key-exchange for IKEv2
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Jul 2017 09:31:27 -0000
Dear all, Last month, we submitted a draft on optional key exchange payload carrying quantum-safe public data, which is used in conjunction with DH key exchange to establish a quantum-safe shared secret between IKEv2 peers. The draft can be obtained here: https://www.ietf.org/staging/draft-ietf-ipsecme-hybrid-qske-ikev2-00.txt Unfortunately, due to incorrect naming convention of the draft, it did not make it through the final process. However, David Waltermire has steered us in the right direction and we will resubmit the draft after 16th July. In the meantime, we would be grateful to hear any feedbacks or comments on this. We would be happy to discuss it in Prague too. We would like to add that we also have an open source implementation (using strongSwan) that demonstrates this extension. The source code is available at this forked strongSwan repository: https://github.com/post-quantum/strongswan, at "qske" branch. Please refer to https://github.com/post-quantum/strongswan/blob/qske/README.QSKE.md for additional information. Best wishes, CJ
- [IPsec] New draft on hybrid key-exchange for IKEv2 Cen Jung Tjhai