On 11 Dec 2019, at 8:23, Salz, Rich wrote:
> We are seeing a flurry of these kinds of “post quantum protection” things.
This is the only one I have seen that is a method, not a new key exchange algorithm. It is understandable that you could have missed this from the title which misstates the topic. A much better title would be "Mixing Preshared Keys in IKEv2 for Postquantum Resistance".
> This is premature.
Disagree. The method described in the document has been well-discussed in the IPsecME for years, getting good cryptographic review.
> The co-chair of the CFRG, Kenny Paterson, said so a while back.
I don't think that's what he said in the slides you posted, but I've Cc'd him so he can reply. The slides are about picking new post-quantum algorithms; what is described in the draft is a method for mixing in preshared secrets with current algorithms.
--Paul Hoffman