Exchanging post-quantum pre-shared keys out-of-band makes IKEv2 VPNs resistant to
attacks by quantum computers.

Quantum-resistant IKEv2 VPNs based on RFC 8784 or RFC 9242 and RFC 9370 prevent
attackers who attempt to execute Harvest Now, Decrypt Later attacks from stealing the
cryptographic key material used to encrypt data in the VPN. Without the cryptographic
keys, attackers can't decrypt harvested data later, even with a cryptographically
relevant quantum computer. Even if attackers successfully steal the encrypted data, they
can't compromise the harvested data without having both the keys and a cryptographically
relevant quantum computer.

RFC 8784 provides a quantum-resistant transition from today's classical cryptography to
post-quantum cryptography that you can implement today. RFC 8784 doesn’t require
cryptography upgrades, making its implementation straightforward and fast as long as
both VPN devices on each side of the tunnel support it.
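
The following sketch is an added example, not code from this guide or from any vendor implementation. It shows how RFC 8784 mixes the out-of-band post-quantum pre-shared key (PPK) into the classically derived IKEv2 keys using the existing prf+ function from RFC 7296. HMAC-SHA-256 as the negotiated PRF, the 32-byte PPK length check, and all key and nonce values are assumptions constructed for illustration.

```python
import hashlib
import hmac

def prf(key: bytes, data: bytes) -> bytes:
    # Assumption: the peers negotiated PRF_HMAC_SHA2_256.
    return hmac.new(key, data, hashlib.sha256).digest()

def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    # prf+ from RFC 7296: T1 = prf(K, S | 0x01), Tn = prf(K, Tn-1 | S | n)
    out, block, counter = b"", b"", 1
    while len(out) < length:
        if counter > 255:
            raise ValueError("prf+ is limited to 255 blocks")
        block = prf(key, block + seed + bytes([counter]))
        out += block
        counter += 1
    return out[:length]

def mix_ppk(ppk: bytes, sk: dict) -> dict:
    # RFC 8784: SK_d, SK_pi and SK_pr become prf+(PPK, SK_x'), where SK_x'
    # is the classically derived value. The other SK_* keys are unchanged.
    if len(ppk) < 32:  # example policy: require at least 256 bits of PPK
        raise ValueError("PPK too short")
    mixed = dict(sk)
    for name in ("SK_d", "SK_pi", "SK_pr"):
        mixed[name] = prf_plus(ppk, sk[name], len(sk[name]))
    return mixed

def child_keymat(sk_d: bytes, ni: bytes, nr: bytes, length: int) -> bytes:
    # Child SA keying material without PFS (RFC 7296): prf+(SK_d, Ni | Nr)
    return prf_plus(sk_d, ni + nr, length)

# Constructed sample values, not taken from a real exchange.
NAMES = ("SK_d", "SK_ai", "SK_ar", "SK_ei", "SK_er", "SK_pi", "SK_pr")
CLASSICAL = {n: hashlib.sha256(n.encode()).digest() for n in NAMES}
NI, NR = b"\x11" * 32, b"\x22" * 32
PPK = b"\xa5" * 32  # placeholder; a real PPK must be random and kept secret

def demo() -> dict:
    # "peers" hold the PPK. "harvester" models an attacker who later recovers
    # the classical (EC)DH-derived SK_d' but never had the PPK.
    mixed = mix_ppk(PPK, CLASSICAL)
    return {
        "peers": child_keymat(mixed["SK_d"], NI, NR, 64),
        "harvester": child_keymat(CLASSICAL["SK_d"], NI, NR, 64),
    }

if __name__ == "__main__":
    result = demo()
    print("keys match without PPK:", result["peers"] == result["harvester"])
```

Because the SK_e* and SK_a* keys of the initial IKE SA are not mixed with the PPK, the protection applies to the Child SA traffic keys derived from SK_d, which is where the VPN data is encrypted.
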

RFC 9242 and RFC 9370 are more resource-intensive than RFC 8784 but provide a dynamic key
generation capability based on new PQC mathematical algorithms that aren't vulnerable to
Shor’s algorithm. Because RFC 9242 and RFC 9370 require cryptography upgrades, deploying
their hybrid key technology can take longer, so you need to take cryptographic agility
into account.

This chapter shows how to configure post-quantum IKEv2 VPNs in scenarios where you know
the IKEv2 peer and its capabilities and scenarios where you don't control the IKEv2 peer
and don't know its capabilities.