Quantum-resistant IKEv2 VPNs based on RFC 8784 and/or RFC 9242 and RFC 9370 prevent attackers who are attempting to execute Harvest Now, Decrypt Later attacks from stealing the cryptographic key material used to encrypt data in the VPN. Without the cryptographic keys, attackers can't decrypt harvested data later with a cryptographically relevant quantum computer. Even if attackers successfully steal the encrypted data, without a cryptographically relevant quantum computer to decrypt the key material, they can't compromise the harvested data because they can't decrypt it without the key.

RFC 8784 provides a quantum-resistant transition from today's classical cryptography to post-quantum cryptography that you can implement today. RFC 8784 doesn’t require cryptography upgrades so its implementation is straightforward and fast as long as both VPN devices on each side of the tunnel can support it.

RFC 9242 and RFC 9370 are more resource intensive than RFC 8784 but provide a dynamic key generation capability based on the new PQC mathematical algorithms that are not vulnerable to Shor’s algorithm. Because RFC 9242 and RFC 9370 require cryptography upgrades, it can take longer to deploy the hybrid key technology so you need to take cryptographic agility into account.

This chapter shows you how to configure post-quantum IKEv2 VPNs, including how to configure post-quantum IKEv2 VPNs in scenarios where you know the IKEv2 peer and its capabilities and scenarios where don't control the IKEv2 peer and don't know its capabilities.