Hi Group, Here is a new draft for an IKEv2 hybrid authentication scheme that contains both PQC and traditional algorithms, using certificates without or with composite keys; following is the summary, comments are welcomed!
https://datatracker.ietf.org/doc/draft-hu-ipsecme-pqt-hybrid-auth/ Abstract: One IPsec area that would be impacted by Cryptographically Relevant Quantum Computer (CRQC) is IKEv2 authentication based on classic asymmetric cryptograph algorithms: e.g RSA, ECDSA; which are widely deployed authentication options of IKEv2. There are new Post-Quantum Cryptograph (PQC) algorithms for digital signature like NIST [ML-DSA], however it takes time for new cryptograph algorithms to mature, so there is security risk to use only the new algorithm before it is field proven. This document describes a IKEv2 hybrid authentication scheme that could contain both classic and PQC algorithms, so that authentication is secure as long as one algorithm in the hybrid scheme is secure. ------ Hu Jun _______________________________________________ IPsec mailing list -- ipsec@ietf.org To unsubscribe send an email to ipsec-le...@ietf.org
