To make sure we mention the NIST PQ Level categorization (that will not change as the NIST PQ Project progresses), I was thinking we could add something in the Sec Considerations section like [...] Because of this, the user SHOULD ensure that the post-quantum preshared key used has at least 256 bits of entropy, in order to provide 128 bits of post-quantum security. That provides security equivalent to Level 5 defined in the NIST PQ Project Call For Proposals [NISTPQCFP]. -----Original Message----- From: IPsec <ipsec-bounces@xxxxxxxx> On Behalf Of Paul Wouters Sent: Thursday, December 26, 2019 12:58 PM To: Valery Smyslov <svan@xxxxxxxx> Cc: ipsec@xxxxxxxx WG <ipsec@xxxxxxxx>; last-call@xxxxxxxx; draft-ietf-ipsecme-qr-ikev2.all@xxxxxxxx; 'secdir' <secdir@xxxxxxxx> Subject: Re: [IPsec] [Last-Call] [secdir] Secdir last call review of draft-ietf-ipsecme-qr-ikev2-09 On Wed, 25 Dec 2019, Valery Smyslov wrote: > Uri, I don't mind referencing NIST levels, but I'd like to first hear > from my co-authors, > > who are definitely more experienced in cryptography and in NIST levels > than I am :-) I don't think mentioning the NIST competition is useful. Per definition, that is incomplete preliminary data. Paul _______________________________________________ IPsec mailing list IPsec@xxxxxxxx https://www.ietf.org/mailman/listinfo/ipsec
<<attachment: smime.p7s>>
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
