RFC 8784 in IPsec

We support Postquantum Pre-shared Key (PPK), as defined in the RFC 8784. The RFC 8784 defines Mixing Pre-shared Keys in the Internet Key Exchange Protocol Version 2 (IKEv2) for post quantum security support in the IKED process through the junos-ike package to negotiate quantum secured IKE and IPsec SAs. The Junos Key Manager (JKM) is introduced to manage different types of quantum keys or PPKs for client applications to make respective infrastructure quantum secured. The IKED process uses the JKM to provide support for quantum secured SAs. Two out-of-band key retrieval mechanisms are supported to get PPKs: Pre shared key: You can configure static keys on concerned gateways and do not need share static keys over the Internet. Quantum Key Distribution: A secure key distribution method based on Quantum Key Distribution (QKD) to generate and distribute keys that are quantum safe. These keys are dynamic.