RFC 8784

Mixing Preshared Keys in the Internet Key Exchange Protocol Version 2 (IKEv2) for Post-quantum Security, June 2020

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML
Also available: XML file for editing
 
Status:
PROPOSED STANDARD
Authors:
S. Fluhrer
P. Kampanakis
D. McGrew
V. Smyslov
Stream:
IETF
Source:
ipsecme (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC8784

Discuss this RFC: Send questions or comments to the mailing list ipsec@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 8784


Abstract

The possibility of quantum computers poses a serious challenge to cryptographic algorithms deployed widely today. The Internet Key Exchange Protocol Version 2 (IKEv2) is one example of a cryptosystem that could be broken; someone storing VPN communications today could decrypt them at a later time when a quantum computer is available. It is anticipated that IKEv2 will be extended to support quantum-secure key exchange algorithms; however, that is not likely to happen in the near term. To address this problem before then, this document describes an extension of IKEv2 to allow it to be resistant to a quantum computer by using preshared keys.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.




Advanced Search