Skip to main content

Postquantum Preshared Keys for IKEv2

Document Type Replaced Internet-Draft (ipsecme WG)
Expired & archived
Authors Scott Fluhrer , David McGrew , Panos Kampanakis
Last updated 2017-04-19
Replaced by draft-ietf-ipsecme-qr-ikev2
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status Informational
Additional resources Mailing list discussion
Stream WG state Adopted by a WG
Document shepherd David Waltermire
IESG IESG state Replaced by draft-ietf-ipsecme-qr-ikev2
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to "David Waltermire" <>

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


The possibility of quantum computers pose a serious challenge to cryptography algorithms widely today. IKEv2 is one example of a cryptosystem that could be broken; someone storing VPN communications today could decrypt them at a later time when a quantum computer is available. It is anticipated that IKEv2 will be extended to support quantum secure key exchange algorithms; however that is not likely to happen in the near term. To address this problem before then, this document describes an extension of IKEv2 to allow it to be resistant to a Quantum Computer, by using preshared keys.


Scott Fluhrer
David McGrew
Panos Kampanakis

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)