Abstract: This document describes how to extend the Internet Key Exchange
Protocol Version 2 (IKEv2) to allow multiple key exchanges to take
place while computing a shared secret during a Security Association
(SA) setup. The primary application of this feature in IKEv2 is the
ability to perform one or more post-quantum key exchanges in
conjunction with the classical (Elliptic Curve) Diffie-Hellman key
exchange, so that the resulting shared key is resistant against
quantum computer attacks. Another possible application is the ability
to combine several key exchanges in situations when no single key
exchange algorithm is trusted by both initiator and responder. This
document updates RFC7296 by renaming Transform Type 4 from "Diffie-Hellman
Group (D-H)" to "Key Exchange Method (KE)" and renaming a
field in the Key Exchange Payload from "Diffie-Hellman Group Num" to
"Key Exchange Method". It also renames an IANA registry for this
transform type from "Transform Type 4 - Diffie-Hellman Group
Transform IDs" to "Transform Type 4 - Key Exchange Method Transform
IDs". These changes generalize key exchange algorithms that can be
used in IKEv2.
Publication Year: 1999
Publication Date: 1999-01-01
Language: en
Type: article
Access and Citation
Cited By Count: 5