Feature #2710
Postquantum Preshared Keys for IKEv2
Description
There is a new IETF ipsecme group draft, draft-fluhrer-qr-ikev2-04, which describes an extension of IKEv2 to allow it to be resistant to a quantum computer.
It would be great if strongSwan could support this draft:
https://tools.ietf.org/html/draft-fluhrer-qr-ikev2-04
Right now, two other IKEv2 implementations already support this draft:
1. libreswan (since 3.23):
https://libreswan.org/wiki/Postquantum_Preshared_Keys
2. Fortinet Fortigate Firewalls (since 6.0):
http://help.fortinet.com/fos60hlp/60/Content/FortiOS/fortigate-ipsecvpn/Phase_1/Defining_IKE_Negotiation.htm (Paragraph: Quantum resistant IKEv2 SA negotiation)
Best Regards
Dominik
Associated revisions
History
#1 Updated by Andreas Steffen over 2 years ago
Hi Dominik,
rather than revert to rather tiresome legacy PSKs, we focus on post-quantum key exchange mechanisms as offered by the NIST round 1 submission candidates. We have an experimental Quantum-Safe Key Exchange (QSKE) branch ready which uses the proposed IKE_AUX message to transfer the rather large post-quantum public keys and ciphertexts:
https://wiki.strongswan.org/projects/strongswan/repository?rev=ikev2-qske-notify
Regards
Andreas
#2 Updated by Andreas Steffen over 2 years ago
- Status changed from New to Feedback
- Assignee set to Andreas Steffen
#3 Updated by Tobias Brunner over 2 years ago
Even though I wholeheartedly agree with Andreas' sentiment that QSKE is the better approach, I still gave it a shot and implemented the current draft in the ikev2-ppk branch.
#4 Updated by Tobias Brunner over 2 years ago
- Category set to libcharon
- Status changed from Feedback to Closed
- Target version set to 5.7.0
- Resolution set to Fixed
Merge branch 'ikev2-ppk'
Adds support for Postquantum Preshared Keys for IKEv2.
Fixes #2710.