Beyond 64KB Limit of IKEv2 Payload
draft-tjhai-ikev2-beyond-64k-limit-00

Document Type Active Internet-Draft (individual)
Authors C. Tjhai  , Tobias Heider  , Valery Smyslov 
Last updated 2020-10-30
Stream (None)
Intended RFC status (None)
Formats plain text xml pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                          CJ. Tjhai
Internet-Draft                                              Post-Quantum
Intended status: Standards Track                               T. Heider
Expires: May 5, 2021                                          genua GmbH
                                                              V. Smyslov
                                                              ELVIS-PLUS
                                                        November 1, 2020

                   Beyond 64KB Limit of IKEv2 Payload
                 draft-tjhai-ikev2-beyond-64k-limit-00

Abstract

   The maximum Internet Key Exchange Version 2 (IKEv2) payload size is
   limited to 64KB.  This makes IKEv2 not usable for conservative post-
   quantum cryptosystem whose public-key is larger than 64KB.  This
   document describes the mechanisms and considerations to exchange such
   large key-establishment data in IKEv2.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on May 5, 2021.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must

Tjhai, et al.              Expires May 5, 2021                  [Page 1]
Internet-Draft                 Beyond 64KB                 November 2020

   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Fragmentation of Large Payload  . . . . . . . . . . . . . . .   4
     2.1.  Hash and URL  . . . . . . . . . . . . . . . . . . . . . .   4
       2.1.1.  Key Exchange Payload  . . . . . . . . . . . . . . . .   4
       2.1.2.  Certificate Payload . . . . . . . . . . . . . . . . .   5
     2.2.  Payload Fragmentation . . . . . . . . . . . . . . . . . .   5
       2.2.1.  Bulk Transfer and Confirmation  . . . . . . . . . . .   6
       2.2.2.  Incremental Transfer and Confirmation . . . . . . . .   7
   3.  Operational Considerations  . . . . . . . . . . . . . . . . .   8
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .   9
   5.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   9
     5.1.  Normative References  . . . . . . . . . . . . . . . . . .  10
     5.2.  Informative References  . . . . . . . . . . . . . . . . .  10
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  11

1.  Introduction

   Our digital communications are secured by public-key cryptography
   algorithms that relies on computational hardness assumptions such as
   the difficulty in factoring large integers or that of finding the
   discrete logarithm on an elliptic curve group or finite-field.
   Recent advances in quantum computing, however, have caused some
   concerns on the security of these assumptions.  It is conjectured
   that these hard computational problems can be solved in polynomial
   time when sufficiently large quantum computers become available.  The
   concerns have prompted the National Institute of Standards and
   Technology (NIST) to initiate a process to standardize one or more
   public-key algorithms that are quantum-resistant.  This family of
   algorithms is known as post-quantum or quantum-resistant
   cryptographic algorithms.

   It would be ideal if these cryptographic algorithms can be drop-in
   replacements to the classical algorithms we currently use.
   Unfortunately, almost all of the post-quantum cryptography algorithms
   have either public-key, ciphertext or signature size that is many
   times larger than their classical counterparts.  One of the issues
   that this will cause, in particular for UDP-based protocols such as
   IPsec, is fragmentation of packets at IP layer.  In the context of
   IPsec/IKEv2 post-quantum key exchange, the fragmentation issue can be
Show full document text