[Swan-dev] GSoC 2020 - Implementing Multiple Key Exchanges in IKEv2

Paul Wouters paul at nohats.ca
Wed Mar 11 03:31:29 UTC 2020

On Wed, 11 Mar 2020, Yulia K wrote:

> Subject: [Swan-dev] GSoC 2020 - Implementing Multiple Key Exchanges in IKEv2
> Hi everyone,
> I am Yulia Kuzovkova, currently studying for a master's degree in IT Security at Darmstadt University of Technology (Germany).
> I'd love to implement Multiple Key Exchanges in IKEv2 for GSoC 2020.
> I have good programming skills in C and bash scripting, keen interest in cryptography and first experiences implementing side-channel resistant cryptographic
> primitives.
> Please let me know how to proceed.

That would be a very cool project to do for GSoC!

Note that libreswan currently does not support the IKE_INTERMEDIATE
exchange. Note also that we use NSS which has not yet implemented
any of the post quantum NIST candidates, so if you would want to
support anything using the new key exchange, you might need to either
write something for NSS or use another library, probably liboqs ?

Since there is a lot of work here, I would be careful to write your
proposal in such a way that you have multiple targets, so depending
on the time it takes, we end up with a deliverable of something that
we can merge in.

The proposal you will ultimately submit through the GSoC system. It
should convince us that you are serious enough for the undertaking,
show that you have done some cursory investigation in our code base
to see where and why you would change things. This does not have to
be perfect, and of course you are welcome during your investation to
ask us question via email or irc. For development related questions,
this swan-dev is a good list. For GSoC related questions, please use
gsoc at libreswan.org to reach the GSoC mentors.

You might also want to look at our namespace based testing system, and
see if you can get that running, as you would be using that for testing
your new code (and testing that your code didn't break any existing
tests :)

Good luck, and if you have any more specific questions, feel free to
reach out to us!


More information about the Swan-dev mailing list