Re: [IPsec] IPsec with QKD status

2014-11-13 Thread Yaron Sheffer
Hi Rod, Two quick comments: - I am fine with the Experimental/ISE route. - I support the SKEYSEED idea. It makes sense as a single point of integration into the protocol, so that if we ever specify a different way of generating key material, it would not need to be re-specified for QKD. Of c

[IPsec] IPsec with QKD status

2014-11-13 Thread Rodney Van Meter
ipsecme-ers, We have managed to catch a number of people in the halls to discuss our IPsec with QKD I-D. Haven't managed to catch Yaron yet. This mail is long. First, an admin summary of where we are, then a technical & writing action item list, and at the bottom a short FYI on the state of QKD

Re: [IPsec] IPsec with QKD

2014-11-12 Thread Paul_Koning
On Nov 12, 2014, at 3:01 PM, Tony Putman wrote: > ... > Perhaps this is the key point: will the initiator ever be in a position > where it does not know that the responder will accept QKD? I would say yes. That would be a policy matter; it could be viewed as a downgrade, and if so you may want t

Re: [IPsec] IPsec with QKD

2014-11-12 Thread Tony Putman
Rod, I would class myself as an interested bystander, not one who would actually implement or use a QKD protocol, so I don't know whether this should be a work item or not. Certainly, some of the suggestions I'm making should not be adopted unless it *is* accepted as a work item. On 12/11/14 03:

Re: [IPsec] IPsec with QKD

2014-11-11 Thread Rodney Van Meter
Thanks Tony, good thoughts. Let me try to respond, though a couple of these are really Shota’s expertise, so if I misrepresent something hopefully he’ll correct me. (Man, it took me much of the afternoon to read through this, dig through a little code and some RFCs, and I still haven’t complet

Re: [IPsec] IPsec with QKD

2014-11-11 Thread Tony Putman
Rod, I read your draft with interest and have a number of comments and questions. I've not been around long enough to remember previous discussions on this (and couldn't find anything after a cursory search in archives), so please forgive me if I'm rehashing previous arguments. The QKD keys (an

Re: [IPsec] IPsec with QKD

2014-10-31 Thread Greg Troxel
writes: > I wonder if this should be worded more generically. This is really > about an external key agreement mechanism. QKD is one such mechanism, > but it isn’t clear to me that the machinery depends on this. > Suppose, for example, that you distributed copies of one-time pad > CDROMs to bo

Re: [IPsec] IPsec with QKD

2014-10-31 Thread Rodney Van Meter
On Oct 31, 2014, at 7:49 AM, Greg Troxel wrote: > > I implemented using QKD material for IPsec (in 2002, if I can remember > the years right), which included an interface between QKD processing and > racoon (on NetBSD) to include QKD bits in the Phase 2 hash. What's been > published on that ef

Re: [IPsec] IPsec with QKD

2014-10-29 Thread Rodney Van Meter
Actually, we had considered that; the same adjustments to IKE can be used for any out-of-band, asynchronous but ongoing supplier of key material, with OTP keys via courier being the obvious example. We decided when we started writing to focus on the QKD case, simply because we felt that the bro

Re: [IPsec] IPsec with QKD

2014-10-29 Thread Paul_Koning
I wonder if this should be worded more generically. This is really about an external key agreement mechanism. QKD is one such mechanism, but it isn’t clear to me that the machinery depends on this. Suppose, for example, that you distributed copies of one-time pad CDROMs to both locations, and

Re: [IPsec] IPsec with QKD

2014-10-27 Thread Rodney Van Meter
Yes, you’re correct, we should be more exact there. Shor’s algorithm solves both (if you believe in large-scale quantum computers). Classically, I haven’t studied the relationship in depth myself, but this bachelor’s thesis from Harvard seems to be a survey: http://modular.math.washington.edu/pr

Re: [IPsec] IPsec with QKD

2014-10-27 Thread Paul_Koning
A nit in section 5: "The security of Diffie-Hellman depends on the difficulty of the factoring problem". More precisely, it depends on the difficulty of the modular discrete log problem, though it may be (I forgot if this is proven or a conjecture) that an efficient solution of that problem ca

Re: [IPsec] IPsec with QKD

2014-10-27 Thread Rodney Van Meter
On Oct 27, 2014, at 2:13 PM, Rodney Van Meter wrote: > > > Current status: > > * We have just uploaded an -01 of the I-D we wrote, incorporating feedback > from several people, including Sean Turner, Sheila Frankel and Alan Mink. > > http://datatracker.ietf.org/doc/draft-nagayama-ipsecme-i

[IPsec] IPsec with QKD

2014-10-27 Thread Rodney Van Meter
Those of you with long-ish memories will recall that about three years ago, Shota Nagayama and I wrote an I-D on the (relatively minor) modifications to IKEv2 necessary to use key material generated by quantum key distribution (QKD) devices. At the time, it generated a bit of controversy, both

[IPsec] IPsec with QKD

2009-11-07 Thread Rodney Van Meter
Shota Nagayama and I have been experimenting with using keys generated by quantum key distribution (QKD) devices to key IPsec tunnels. (The devices we used were borrowed from NEC, but we don't claim to represent them.) We have written an I-D on the protocol modifications necessary, and a